The API and Application Protection Blog

ThreatX platform updates, threat research on the latest critical CVEs and 0 days impacting APIs and web applications, alongside strategies and tactics for overcoming the challenges of modern security teams.

Subscribe for API and application protection tactics

Sign up for exclusive threat research, company and content updates, and the occasional fun contest.

  • Blog
  • Application Security
  • Threat Intelligence
  • News
  • Product Updates
  • People & Culture
  • Vulnerabilities
  • Cloud Security
  • API Security
API Security BY Bret Settle

Broken Object Property Level Authorization: What It Is, How We Can Help

Number 3 on the 2023 OWASP API Security Top 10 list, Broken Object Property Level Authorization is a new 2023 addition and combines two entries on the 2019 list:  Excessive Data Exposure and Mass Assignment. OWASP made this change to focus on the root cause of these two vulnerabilities: the lack of or improper authorization […]

VIEW MORE