Ensure that no resources are enumerable in your public APIs.
Web Developer Security Checklist
Michael O'Brien

Thanks for this great list! Just curious as I haven’t spent much/any time working on public APIs, what is the security risk posed by enumerable resources?

One clap, two clap, three clap, forty?

By clapping more or less, you can signal to us which stories really stand out.