API SECURITY BEST PRACTICES 2022

Cloud Security Podcast

CHAPTER

Is It Too Common to Block Requests With a Token?

A layered approach is always going to be the best way to go. WAFs are great, they do a lot of good blocking and tackling for some of those low-hanging fruit. If someone that's an authorized user sends over a very obvious request with a SQL injection, then it's going to get caught by that WAF. Their token can be bad, and their IP can be blocked, all that stuff. But when they're an authorized user, make a legitimate request. So me making a request for your resources, if they don't have the logic to determine that user A should access user B's resources, then that WAF isn't going to help too much.
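The layering described in this chapter, as an added sketch that is not from the podcast: a toy WAF signature at the edge and an object-level ownership check in the application. The tokens, invoice ids, function names and the signature are all constructed for illustration.

```python
import re

# Constructed sample data: tokens, owners and the signature are illustrative only.
TOKENS = {"tok-a": "userA", "tok-b": "userB"}             # token -> authenticated user
INVOICE_OWNER = {"inv-100": "userA", "inv-200": "userB"}  # resource -> owner

# Deliberately simple stand-in for a WAF rule that catches obvious SQL injection.
SQLI_SIGNATURE = re.compile(
    r"['\"]\s*(or|and)\s+\d+\s*=\s*\d+|union\s+select|;\s*drop\s+table", re.I
)


def waf_allows(request):
    """Edge layer: sees the token and the request syntax, not who owns what."""
    if request["token"] not in TOKENS:
        return False
    return not SQLI_SIGNATURE.search(request["invoice_id"])


def app_authorizes(request):
    """Application layer: the caller must own the specific object requested."""
    caller = TOKENS.get(request["token"])
    owner = INVOICE_OWNER.get(request["invoice_id"])
    return caller is not None and caller == owner


def handle(request):
    """Return which layer decided the request: 'waf_block', 'authz_deny' or 'ok'."""
    if not waf_allows(request):
        return "waf_block"
    if not app_authorizes(request):
        return "authz_deny"
    return "ok"


if __name__ == "__main__":
    samples = [
        {"token": "tok-a", "invoice_id": "inv-100' OR 1=1"},  # obvious injection
        {"token": "tok-a", "invoice_id": "inv-200"},          # valid user, userB's invoice
        {"token": "tok-a", "invoice_id": "inv-100"},          # valid user, own invoice
    ]
    for sample in samples:
        print(sample["invoice_id"], "->", handle(sample))
```

The second sample is well-formed and carries a valid token, so only the ownership check in the application can reject it.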
