
OWASP – API Security – Top 10

Posted by CN Etagy on 14.05.2022


OWASP API Security is an open source project aimed at preventing organizations from deploying potentially vulnerable APIs. APIs expose microservices to consumers, so it is important to focus on how to make these APIs secure and avoid known security pitfalls. Let's look at the OWASP top ten API security vulnerabilities:

  1. Broken Object Level Authorization
  2. Broken Authentication
  3. Excessive Data Exposure
  4. Lack of Resources and Rate Limiting
  5. Broken Function Level Authorization
  6. Mass Assignment
  7. Security Misconfiguration
  8. Injection
  9. Improper Assets Management
  10. Insufficient Logging and Monitoring

1. Broken Object Level Authorization

Broken Object Level Authorization is a vulnerability that is present when IDs are used to retrieve information from APIs. Users authenticate to APIs using protocols such as OAuth 2.0. When retrieving data from APIs, users can use object IDs to fetch data. Let us look at an example API from Facebook, where we get user details using an ID:
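The pattern described above, as an added Python sketch that is not from the original article and is not Facebook's API: one handler authenticates the caller but skips the ownership check, and a second handler enforces it. The handler names, tokens and records are constructed for illustration, and the token table stands in for OAuth 2.0 token validation.

```python
# Added illustration of broken object level authorization (BOLA).
# All names, tokens and records below are constructed for this example.
from dataclasses import dataclass

@dataclass(frozen=True)
class Profile:
    user_id: int
    email: str

# Constructed data store; TOKENS stands in for OAuth 2.0 token validation,
# which would map a bearer token to the user it was issued to.
PROFILES = {101: Profile(101, "alice@example.test"), 102: Profile(102, "bob@example.test")}
TOKENS = {"token-alice": 101, "token-bob": 102}

class ApiError(Exception):
    def __init__(self, status: int, message: str):
        super().__init__(message)
        self.status = status

def authenticate(token: str) -> int:
    """Return the caller's user id, or raise 401 for an unknown token."""
    if token not in TOKENS:
        raise ApiError(401, "invalid token")
    return TOKENS[token]

def get_profile_vulnerable(token: str, object_id: int) -> Profile:
    """Authenticates the caller but never checks who owns object_id."""
    authenticate(token)
    profile = PROFILES.get(object_id)
    if profile is None:
        raise ApiError(404, "not found")
    return profile

def get_profile_checked(token: str, object_id: int) -> Profile:
    """Same lookup, plus an object-level check against the token's subject."""
    caller = authenticate(token)
    profile = PROFILES.get(object_id)
    # Same 404 for "missing" and "not yours", so the response does not confirm valid IDs.
    if profile is None or profile.user_id != caller:
        raise ApiError(404, "not found")
    return profile

def status_of(handler, token: str, object_id: int) -> int:
    """HTTP-style status the handler would produce for this request."""
    try:
        handler(token, object_id)
        return 200
    except ApiError as err:
        return err.status
```

With Alice's token and Bob's ID, `status_of` yields 200 for the first handler and 404 for the second, which is the regression test worth keeping for every endpoint that takes an object ID.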

