API SECURITY BEST PRACTICES 2022

Cloud Security Podcast

Is It Too Common to Block Requests With a Token?

A layered approach is always going to be the best way to go. WAFs are great, they do a lot of good blocking and tackling for some of those low-hanging fruit. If someone that's an authorized user sends over a very obvious request with a SQL injection, then it's going to get caught by that WAF. Their token can be bad, and their IP can be blocked, all that stuff. But when they're an authorized user, make a legitimate request. So making a request for your resources, if they don't have the logic to determine that user A should access user B's resources, then that WAF isn't going to help too much.
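The layering argument above, as an added example that is not from the episode: a toy signature filter standing in for a WAF blocks the obvious SQL injection request but passes an authorized user's well-formed request for another user's resource, which only the application's own ownership check rejects. The route, tokens, user names and invoice data are all constructed assumptions.

```python
import re

# Constructed sample data: invoice id -> owning user, bearer token -> user.
INVOICES = {101: "alice", 202: "bob"}
TOKENS = {"tok-alice": "alice", "tok-bob": "bob"}

# Toy signature standing in for a WAF rule set (assumption: real WAFs
# use far richer rules, but they still match on request content).
SQLI_SIGNATURE = re.compile(r"('|--|\bunion\b|\bor\s+\d+=\d+)", re.IGNORECASE)
ROUTE = re.compile(r"/invoices/(\d+)")


def waf_allows(path):
    """Edge layer: inspects only what the request looks like."""
    return SQLI_SIGNATURE.search(path) is None


def handle(token, path, check_owner):
    """Return an HTTP-style status code for GET /invoices/<id>."""
    if not waf_allows(path):
        return 403                      # blocked at the edge
    user = TOKENS.get(token)
    if user is None:
        return 401                      # authentication layer
    match = ROUTE.fullmatch(path)
    if match is None or int(match.group(1)) not in INVOICES:
        return 404
    owner = INVOICES[int(match.group(1))]
    if check_owner and owner != user:
        return 403                      # object-level authorization layer
    return 200


if __name__ == "__main__":
    cases = [
        ("SQLi, caught by WAF", "/invoices/101' OR 1=1--", True),
        ("other user's invoice, no owner check", "/invoices/202", False),
        ("other user's invoice, owner check", "/invoices/202", True),
        ("own invoice, owner check", "/invoices/101", True),
    ]
    for label, path, check_owner in cases:
        status = handle("tok-alice", path, check_owner)
        print(f"{label:40} WAF pass={waf_allows(path)!s:5} status={status}")
```

The second case is the one the WAF cannot help with: the request is syntactically clean and carries a valid token, so the decision has to be made where the resource owner is known.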
