Broken Object Level Authorization | OWASP TOP 10 | API Security Series - Phoenix SecurityScape

Video description: Broken Object Level Authorization | OWASP TOP 10 | API Security Series - Phoenix SecurityScape

Welcome to the third video of our API Security Series!

In this episode, we cover the number 1 vulnerability in the OWASP Top 10 for API Security, Broken Object Level Authorization:

1. What is Broken Object Level Authorization (BOLA) in APIs? The concept of BOLA and the difference between IDOR and BOLA.
2. How an application becomes vulnerable to BOLA: understanding the root cause of the vulnerability, the flaw at the code level, and some example scenarios of BOLA in different types of applications.
3. Live hacking demo: exploiting the APIs live to get the username and password of all users, leading to mass account takeover.
4. Mitigation and impact of BOLA: how to build secure APIs and what the impact of a BOLA vulnerability will be on the target organization.

Perfect for beginners and security professionals or developers looking to refresh their knowledge.

Like, subscribe, and hit the bell to stay updated!

#APIs #APIbasics #APISecurity #cybersecurity #cybersecurityandhacking #bugbounty #bugbountyhunting #bugbountytipsandtricks #penetrationtesting #penetrationtestingcybersecurity #penetrationtestingmethodology #penetrationtestingandvulnerabilityassessment #livehacking
