Secure API authentication and authorization is at the heart of Application Security. We will explore the landscape of popular vulnerabilities such as brute force attacks, JWT vulnerabilities, inadequate session management, user enumeration, Captcha related vulnerabilities, login page weaknesses, Broken Object Level Authorization (BOLA), and privilege escalation.

This session will focus on practical examples and testing use cases that could have potentially prevented top 5 attacks related to authentication and authorization in the year 2023.

This session is invaluable resource for developers, Application and Product security professionals, and anyone involved in Security by Design.