Releases/
December 2023

Eliminating BOLA: Automated Authorization Policy Testing Through Code-Free Descriptions

Aptori's Sift, an API security testing tool, can autonomously generate and execute test cases to verify the business logic and confirm the effectiveness of an authorization policy. Sift ensures comprehensive testing of all possible scenarios involving creators, actors, actions, and entities, handling anything from 10 to thousands of test cases, all completed swiftly within seconds.

Eliminating BOLA: Automated Authorization Policy Testing Through Code-Free Descriptions

Aptori's Sift, an API security testing tool, can autonomously generate and execute test cases to verify the business logic and confirm the effectiveness of an authorization policy. Sift ensures comprehensive testing of all possible scenarios involving creators, actors, actions, and entities, handling anything from 10 to thousands of test cases, all completed swiftly within seconds.

Moreover, authorization policies can now be conveniently defined using straightforward tables (no code) or a few lines of YAML code (low code). This allows Sift to automatically create test cases for hundreds of access scenarios, thoroughly validating each aspect of an authorization policy. This comprehensive validation ensures that Broken Object Level Authorization (BOLA) issues become a concern of the past.