Automatic Detection of Inadequate Authorization Checks in Web Applications

Provided by:
Topic: Software
Format: Webcast
Gaps in the enforcement of access control policy of a software system can lead to privilege escalation, allowing unauthorized access to sensitive resources and operations. The presenter describe a novel technique to automatically detect missing and inconsistent authorization checks in web applications with static analysis and conclude with empirical results of using their approach on real-world applications.

Find By Topic