OWASP’s 2025 Wake-Up Call: Why Broken Access Control Still Haunts Web Security

November 18, 2025

OWASP’s 2025 findings show broken access control remains one of the most persistent and damaging web security problems. The article highlights how common implementation mistakes — such as relying on client-side checks, inconsistent authorization across APIs and microservices, overly permissive defaults, and inadequate session/token handling — continue to expose sensitive data and functionality.

Share on

Twitter Facebook LinkedIn

The Security Vulnerabilities to Watch For When You’re Vibe Coding

September 4, 2025

This article discusses common security vulnerabilities developers should be aware of when “vibe coding”—coding quickly without strict adherence to best pract...

Separating AI Hope from AI Hype

August 20, 2025

If you believe the hype, artificial intelligence will soon take all our jobs, or solve all our problems, or destroy all boundaries between reality and lies. ...

Why Good Security Fails: The Asymmetry of InfoSec Investment

August 12, 2025

One of the many paradoxes of security is that when you have invested appropriately (sometimes at significant expense) and you have less and less incidents, t...

The Art of Selling as an Engineer: What Does a Solutions Architect Do?

August 9, 2025

A great podcast to learn about what a “Solutions Architect” does and brings value! As always, a great podcast from Daliani Liu.

Krishna Bala, Ph.D.

OWASP’s 2025 Wake-Up Call: Why Broken Access Control Still Haunts Web Security

Share on

You may also enjoy

The Security Vulnerabilities to Watch For When You’re Vibe Coding

Separating AI Hope from AI Hype

Why Good Security Fails: The Asymmetry of InfoSec Investment

The Art of Selling as an Engineer: What Does a Solutions Architect Do?