web-security

lgessler 2020-08-07T07:03:07.003900Z

@lgessler has joined the channel

lgessler 2020-08-07T07:05:22.007600Z

sorry if this is OT but i thought this was the best place: let's say i have an http endpoint that is unauthenticated but only gives you data for a given UUID. If my sensitive data is behind this API, should i worry about it being unauthenticated? my kneejerk answer is no because a uuid bruteforce would take too long, but i'm wondering if i'm missing sth