Class Central is learner-supported. When you buy through links on our site, we may earn an affiliate commission.

YouTube

BOLABuster: Harnessing LLMs for Automating BOLA Detection

BSidesLV via YouTube

Overview

Save Big on Coursera Plus. 7,000+ courses at $160 off. Limited Time Only!
Explore an innovative approach to automating Broken Object Level Authorization (BOLA) detection in APIs and web applications. Learn how Large Language Models (LLMs) are harnessed to overcome challenges in identifying BOLA vulnerabilities, which are considered a top risk by OWASP API. Discover the BOLABuster methodology, which leverages AI-backed techniques to understand application logic, reveal endpoint dependencies, generate test cases, and interpret results. Gain insights into the research that has led to the discovery of multiple vulnerabilities in open-source projects, including 15 CVEs for a single project and a critical vulnerability in Grafana. Compare BOLABuster's efficiency against state-of-the-art fuzzing tools and understand how it achieves BOLA detection with significantly fewer API requests. Join this 37-minute conference talk at BSidesLV to delve into the AI journey behind this novel approach to vulnerability research and its potential impact on API security.

Syllabus

Breaking Ground, Wed, Aug 7, 12:30 - Wed, Aug 7, CDT

Taught by

BSidesLV

Reviews

Start your review of BOLABuster: Harnessing LLMs for Automating BOLA Detection

Never Stop Learning.

Get personalized course recommendations, track subjects and courses with reminders, and more.

Someone learning on their laptop while sitting on the floor.