A Survey of Prevent and Detect Access Control Vulnerabilities. (arXiv:2304.10600v1 [cs.CR])

Broken access control is one of the most common security vulnerabilities in
web applications. These vulnerabilities are the major cause of many data breach
incidents, which result in privacy concern and revenue loss. However,
preventing and detecting access control vulnerabilities proactively in web
applications could be difficult. Currently, these vulnerabilities are actively
detected by bug bounty hunters post-deployment, which creates attack windows
for malicious access. To solve this problem proactively requires security
awareness and expertise from developers, which calls for …

access access control applications attack awareness bounty breach broken access control bug bug bounty control data data breach deployment detect developers hunters incidents loss major malicious privacy privacy concern problem result revenue security security awareness solutions survey vulnerabilities web web applications windows