@Nathan Aw That's a great question. I've seen some vendors that handle
BOLA in different ways.

* RASP - Some RASP solutions (Sqreen, for example), in order to mitigate
  the problem, will alert you on enumeration attempts: too many calls to
  a specific A...

Hi @Nathan Aw, I'm a co-leader of the OWASP API Security Project. BOLA
(Broken Object Level Authorization) and Excessive Data Exposure are
great examples of API security issues. BOLA is a vulnerability that
should be fixed at the code level. In orde...