The Haunted House of APIs - The Witch’s Brew with Jayesh Ahire

206.507 - 227.354 Jayesh Ahire

Nowadays, in the new OWASP API top 10, we have BOPLA, which is Broken Object Properties Authorization. Then there's always BAFLA, which is Broken Function Level Authorization. Not to just throw some terms, but essentially when the API was built, the authentication authorization was not configured properly. And that's where somebody else can get access to somebody else's information.