API 213 - Mitigating APIs Mass Assignment

Course Details

Course Number: API 213

Course Duration: 15 minutes

Course CPE Credits: 0.3

NICE Specialty Areas

Software Development (DEV)
Protect & Defend (PR)

Related Subject Matter

API
NICE
NIST
OWASP API
Secure Development
Web

Foreign Languages Available:

English

Course Overview

Mass Assignment occurs when adversaries exploit unexposed object properties or methods through API parameters. An API might be vulnerable to Mass Assignment if the application directly binds parameters to an internal object’s properties without proper validation.

On successful completion of this course, learners should have the knowledge and skills required to:

Avoid direct use automatic binding
Define and enforce schemas for input payloads
Validate and filter input before binding
Use read-only properties where appropriate

Ready to Demo this course? Questions? Contact Us!