In a business logic attack, the bad actor uses the legitimate processing flow of an application to gain access and achieve outcome not expected as per the application logic. As these attacks are outside the norm of standard or common authentication exploits, most security solutions have difficulty detecting business logic attacks. The best solutions are those that can understand the application’s underlying business logic so an outlier presence can be detected and blocked. Business logic vulnerabilities should be addressed ideally by deploying security solutions early in the Development Process.