DES 280 - OWASP M10: Mitigating Extraneous Functionality
In this course, you will learn how to mitigate the risks associated with extraneous functionality. Typically, an attacker seeks to understand extraneous functionality within a mobile app in order to discover hidden functionality in backend systems. The attacker will typically exploit extraneous functionality directly from their own systems without any involvement by end-users.
After completing this course, you will be able to:
- Identify Extraneous Functionality
- Understand how an attacker might exploit this vulnerability in your software
- Mitigate exposure to this threat