Episode 179: OWASP Top 10 Part 1 - Broken Access Control, IDOR, and CORS Explained

Episode 179: OWASP Top 10 Part 1 - Broken Access Control, IDOR, and CORS Explained

From The Cyber Threat Perspective by SecurIT360

April 30, 2026 · 29 min · Season 1 · Episode 179

About this episode

The episode discusses the OWASP Top 10, focusing on Broken Access Control, IDOR, and CORS as part of a multi-part series.

In Episode 179 of the Cyber Threat Perspective podcast, host Brad Causey and web app pen tester Jordan Natter kick off a multi-part series on the OWASP Top 10, the newly updated list of the most common and critical web application security risks, with a fresh version released in 2025. Before diving in, Brad sets the record straight on something that's been bugging him for 20 years: the OWASP Top 10 is an awareness document, not a compliance framework, not a pen test checklist, and not a compr...

People in this episode

Host: Brad Causey

Guest: Jordan Natter

Topics covered

  • web application security
  • OWASP Top 10
  • access control
  • IDOR
  • CORS
  • security risks

Keywords

  • OWASP
  • web application
  • security risks
  • Broken Access Control
  • IDOR
  • CORS
  • pen testing
  • compliance

Mentioned in this episode

Organizations: OWASP

More episodes of The Cyber Threat Perspective

Explore listener stats, chart rankings, contacts and more on the The Cyber Threat Perspective podcast page.