Business Logic Abuse - Response

Response

The response to business logic abuse can be quite challenging for two reasons. First, detecting business logic abuse is difficult. The perpetrators using the same functionality used by legitimate users and therefore, their traffic is likely intermingled with real traffic. This can make the identification of these types of exploits problematic.

Second, since the criminal is using a legitimate flow on a website or other application, disabling that flow would result in a very poor experience for the website’s users. Finding an approach where legitimate users can access the business flow while limiting access to the bad actor is an especially tricky endeavor.

Read more about this topic:  Business Logic Abuse

Famous quotes containing the word response:

    The reason can give nothing at all Like the response to desire.
    Wallace Stevens (1879–1955)

    I am accustomed to think very long of going anywhere,—am slow to move. I hope to hear a response of the oracle first.
    Henry David Thoreau (1817–1862)

    Perhaps nothing in all my business has helped me more than faith in my fellow man. From the very first I felt confident that I could trust the great, friendly public. So I told it quite simply what I thought, what I felt, what I was trying to do. And the response was quick, sure, and immediate.
    Alice Foote MacDougall (1867–1945)