API Exploitation

Broken-Authorisation-API-KrishnaG-CEO

OWASP Top 10 API Security Risks – 2023: API3:2023 – Broken Object Property Level Authorisation

by

API3:2023 represents a nuanced security challenge where improper or absent authorisation checks allow attackers to access or manipulate sensitive properties of an object within an API. Unlike broader access control issues, this risk focuses specifically on granular authorisation, which determines the visibility or modifiability of individual object properties.

Client-Code-Quality-KrishnaG-CEO

OWASP Top 10 for Mobile Apps: M7 – Client Code Quality

by

Client code quality refers to the soundness, reliability, and maintainability of the code executed on mobile devices. The “M7” designation in the OWASP Top 10 highlights vulnerabilities resulting from poorly written client-side code. These vulnerabilities can stem from inadequate input validation, insecure coding practices, or the use of deprecated libraries.