Academy

Know and learn more on API Security.

Account Takeover (ATO)

Bot Management Tools

Broken Access Controls

Broken Authentication/Broken User Authentication (BUA)

Broken Function Level Authorization (BFLA)

Broken Object Level Authorization (BOLA)

Bug Bounty Program

Business Logic Attack

Client-Side Attacks

Cloud-native Security

Coupon Scraping

Credential Abuse

Credential Stuffing

Cross-Site Scripting (XSS)

Cryptomining Malware

Data Exfiltration/Leakage

Defense-in-Depth (DiD)

Device Fingerprinting

Excessive Data Exposure

Gift Card Fraud

Improper Assets Management

Insecure Deserialization

Insecure Direct Object Reference (IDOR)

Insufficient Logging & Monitoring

Inventory Hoarding

Keystroke Loggers

Lack of Resources & Rate Limiting

Local File Inclusion (LFI)

Mass Assignment

Next Generation WAF

Open Authorization (OAuth)

OWASP API Top 10

Penetration Testing

Personally Identifiable Information (PII)

Policy Decision Point (PDP)

Policy Enforcement Point (PEP)

Positive Security Model

RASP / Runtime Application Self Protection

Remote Code Execution (RCE)

Security Misconfiguration

Sensitive Data Exposure

Software Composition Analysis (SCA)

Threat Landscape

Threat Modeling

WAAP / Web Application & API Protection

WAF / Web Application Firewall

Web Application Security

Zero-day Attack