BOLA: A Critical API Vulnerability
I enjoyed this article about BOLA (Broken Object Level Authorization), which can be a major vulnerability in any API. Since more and more of the world runs on APIs, this is not good.
This article approaches the problem from the viewpoint of a manager, a developer and an attacker. That alone sets it apart from many other articles documenting vulnerabilities.
Dan