Chapter 1 Assignment
Threat-model your API
The brief
Write a 1-page threat model for your Grit API in notes.md: 5 assets, 5 actors (user, admin, attacker, bot, partner), and 10 threats (one per OWASP category). One paragraph each.
You've completed this when
- Document covers all 10 OWASP categories
- Each threat has a Grit endpoint it applies to
- You can defend the priorities you set
Worked through every criterion?
Push your code to GitHub, paste the link in your notes.md, and move on.
Continue to ch.2: Broken Access Control