This repository contains an example Spring Boot application that implements REST API functionality, Spring MVC and Data JPA, introduces common application security vulnerabilities, and demonstrate how to prevent the vulnerabilities from occurring.
In the Resources folder there is a PDF file that can be viewed inline on GitHub, that goes over the steps of the security controls implemented in the project with screenshots, explanations, etc.
This project demonstrates the following security controls/vulnerabilities:
- Insecure Binder Configuration - Mass Assignment
- Input Validation Controls
- Access Controls