Application Security Terminology


Svg Vector Icons : Return to Glossary

Abuse of Functionality

Did You Know? There’s a 11% likelihood that your website is vulnerable to Abuse of Functionality


Abuse of Functionality is an attack that subverts an application's intended functionality with the purpose of attacking itself or others. Abuse of Functionality attacks can tie up resources, work their way around access controls,or leak information. They can even include situations where an application's features appear to be functioning properly but instead are being used to achieve an undesirable or nefarious result. 

To prevent Abuse of Functionality attacks, developers should perform robust threat modeling exercises for each application feature. This modeling needs to test against a comprehensive set of use and abuse cases to ensure that the application enables only intended functionality.