Automatic Protection Against BOLA Attacks ¶
Behavioral attacks such as Broken Object Level Authorization (BOLA) exploit the vulnerability of the same name. This vulnerability allows an attacker to access an object by its identifier via an API request and either read or modify its data bypassing an authorization mechanism.
Potential targets of the BOLA attacks are endpoints with variability. Wallarm can automatically discover and protect such endpoints among the ones explored by the API Discovery module.
To enable automatic BOLA protection, proceed to Wallarm Console → BOLA protection and turn the switch to the enabled state:
Each protected API endpoint will be highlighted with the corresponding icon in the API inventory, e.g.:
You can filter API endpoints by the BOLA auto protection state. The corresponding parameter is available under the Others filter.