Unlock enhanced API scanning with Burp Suite Enterprise Edition  –  Learn more

ProfessionalCommunity Edition

Testing access controls with Burp Suite

  • Last updated: August 30, 2024

  • Read time: 1 Minute

Access control (or authorization) is the placing of constraints on who or what can perform a certain action or access a specific resource within an application.

Broken access controls are a commonly encountered and often critical security vulnerability. If access controls are not correctly configured then an attacker may be able to access resources that they do not have authorization to access. This could lead to the attacker potentially obtaining sensitive data or discovering additional attack surface for the application.

Burp Suite enables you to use a range of tools to test for access control vulnerabilities.

Was this article helpful?