17:40 - 18:40
Talk (60 min)
What happens if I change this URI… oooooh
In the latest release of the OWASP Top 10, Broken Access Control went from #5 to #1. When a user can access functions or data that should be restricted just by changing the URI, the results can often be catastrophic.
In this talk, I will show why this vulnerability type is commonly overlooked; what happens when it's found, using real-world examples; how you can prevent such issues; and, most importantly, how you can test for it efficiently.