Sometimes times the best hack is no hack at all — $2900 Shopify Bug Bounty

Access control is key.

Photo by Ashin K Suresh on Unsplash

Broken Access Control was listed by the Open Web Application Security Project (OWASP) as the number one web app security risk in 2021. When applications get increasingly complex with more API endpoints and features, it can become more difficult to develop and adhere to policies to maintain proper…