The Open Web Applications Security Project releases their top 10 vulnerabilities every 3 or 4 years. It contains the most common types of problems developments have inadvertently delivered in their web applications.
The next reiteration which is currently in draft contains Broken Access Control (BAC) as the number 1 issue web applications are susceptible to.
After analysing over 500,000 application data logs provided by OWASP supporters and friends of the project, the top 10 was decided using this data for 8 of the top 10 and 2 were from a survey proved to the industry.
What is Broken Access Control?
Broken Access Control is the method of modifying something that the app accepts by either impersonating someone or something someone else had.
For example, a user of the application may be the holder of a cookie or JWT (JSON Web Token) and the malicious actor gets hold of it, changes it to make a request and the application unwittingly fulfils it.
Thank you Zendesk. That’s why we love you.
Starting today, Zendesk have started to roll out the new Agent management page. And it looks great and is perfect for managing those stray licenses that aren’t being used.
You can even sort the Agents by last sign in date. Awesome!
Not sure if this Team Members page is available for all. But we have already seen it in our Developer environment and client instances.
Well done Zendesk. Keep improving!