Sat 20 Nov 2021

Insecure Direct Object Reference & How to Protect Against it

Insecure Direct Object Reference (IDOR) is one of the most common forms of broken access control which OWASP recently listed as the number one application security issue in 2021. A quick search for "IDOR" on Hacker One's Hacktivity feed shows that many top tech companies (and even the U.S. Department of Defense) have fallen victim to IDOR, in some cases paying out well over $10,000 per bug bounty. In this post, I'll explain what IDOR is, what causes it, and ways to protect your application against it.

Source: Insecure Direct Object Reference & How to Protect Against it, an article by Karan Kajla.

Spider-Man (2002)

When bitten by a genetically modified spider, a nerdy, shy, and awkward high school student gains spider-like abilities that he eventually must use to fight evil as a superhero after tragedy befalls his family.

In the evening we watched Spider-Man. To me the movie was OK and I give it a 6.5 out of 10.