Blog

#authorization.

2 articles tagged "authorization".

All Tutorials Deep dives Opinions Comparisons Career Field notes Case studies QA trends

Deep dives·13 June 2026 · 9 min read

Authorization testing: roles, permissions, and the assumptions that leak

Authentication asks who you are; authorization asks if you are allowed. Most access-control bugs live in the second question — tested with a written access matrix and a lot of negative testing.

security-testingauthorizationrbacbugs

Case studies·13 June 2026 · 8 min read

The release we delayed because one permission bug changed everything

A green suite, a flawless demo, and a permission check enforced in the UI but not the API — exposing every customer's data. Caught the day before release.

case-studysecurity-testingauthorizationrelease