This course explains how software developers and testers can determine if their web applications are vulnerable to A01:2021 Broken Access Control, as defined by the Open Web Application Security Project (OWASP).
On successful completion of this course, learners should have the knowledge and skills required to:
- Define and identify broken access control
- Identify insecure direct object references and test for common methods used to exploit such vulnerabilities
- Create and implement testing methods to identify path traversal vulnerabilities, missing function level access control, and forced browsing using industry best practices and tools