DEV Community

Canming Jiang
Canming Jiang

Posted on

Why Is Broken Access Control OWASP’s #1 Threat?

Do you know the #1 OWASP security risk is broken access control? And the reasons? We had a great conversation with Bill and shared some thoughts here.

Discussion (1)

t0nyba11 profile image
Tony B

From my experience, the reason access control is number one is software is simply badly written and buggy, or using a framework or library that was equally badly written and buggy, or never intended for the purpose it is being used for now. Development moves at such a pace now, and includes so many dependencies, that the likelihood of including broken access controls at some level is pretty high.