If you have integer IDs it is also trivial to find authorization flaws on your own. Any pentester will go for it right away.
If you make non guessable IDs they might skip it and go look for other stuff.
If you have integer IDs it is also trivial to find authorization flaws on your own. Any pentester will go for it right away.
If you make non guessable IDs they might skip it and go look for other stuff.