Fixing Broken Access Control - Cloud-Native Authorization Principles and Patterns
Offered By: OWASP Foundation via YouTube
Course Description
Overview
Explore the critical issue of Broken Access Control in this 45-minute conference talk from the OWASP Foundation. Delve into why it tops the OWASP Top 10 list and learn about the challenges of implementing effective access control in cloud-native applications. Examine successful fine-grained access control systems used by major tech companies and understand why 94% of applications still struggle with broken access control vulnerabilities. Compare role-based access control (RBAC) with more advanced approaches like attribute-based access control (ABAC) and relationship-based access control (ReBAC). Discover the emerging ecosystems of policy-as-code and policy-as-data, focusing on Open Policy Agent (OPA) and Google's Zanzibar. Gain insights into cloud-native authorization principles and patterns, and learn about open-source projects for implementing fine-grained access controls in your applications and APIs.
Syllabus
Fixing Broken Access Control
Taught by
OWASP Foundation
Related Courses
Infrastructure-as-Code Security: Why, What, and How (Pluralsight)
Managing Resources with Azure Policy (LinkedIn Learning)
Enforcing Standards on Terraform with HashiCorp Sentinel (HashiCorp via YouTube)
Building Modern Access-Control for Cloud Applications with Or Weis - SnykLIVE Recording (Snyk via YouTube)
Infrastructure as Code - Is It Really? (NDC Conferences via YouTube)