
Insecure Direct Object References (IDOR)
Explains object level authorization failures that let users access or modify other users' data. Covers attack patterns and robust authorization checks.
Tags: IDOR, Access Control
Deep dives, investigations, and research notes from the JustAppSec team.
Content is AI-assisted and reviewed by our team, but issues may be missed and best practices evolve rapidly; send corrections to [email protected]. Always consult official documentation and validate key implementation decisions before making design or security choices.

