2021 OWASP Top Ten: Server Side Request Forgery

SSRF flaws occur whenever a web application is fetching a remote resource without validating the user-supplied URL. It allows an attacker to coerce the application to send a crafted request to an unexpected destination, even when protected by a firewall, VPN, or another type of network access control list (ACL). As modern web applications provide end-users with convenient features, fetching a URL becomes a common scenario. As a result, the incidence of SSRF is increasing. Also, the severity of SSRF is becoming higher due to cloud services and the complexity of architectures. #OWASPTOP10 Video 11 / 11 ⬇️⬇️⬇️ JOIN THE COMMUNITY! ⬇️⬇️⬇️ DevCentral is an online community of technical peers dedicated to learning, exchanging ideas, and solving problems - together. Find all our platform links ⬇️ and follow our Community Evangelists! 👋 ➡️ DEVCENTRAL: https://community.f5.com ➡️ YOUTUBE: https://youtube.com/devcentral ➡️ LINKEDIN: https://www.linkedin.com/showcase/f5-devcentral/ ➡️ TWITTER: https://twitter.com/devcentral Your Community Evangelists: 👋 Jason Rahm: https://www.linkedin.com/in/jrahm/ | https://twitter.com/jasonrahm 👋 Buu Lam: https://www.linkedin.com/in/buulam/ | https://twitter.com/buulam 👋 Aubrey King: https://www.linkedin.com/in/aubreyking | https://twitter.com/aubreykingf5