Explore a novel technique for automatically detecting missing and inconsistent authorization checks in web applications through static analysis. Learn about the challenges of implementing proper access control policies and the impact of gaps in enforcement. Discover different methods for specifying access control requirements in web applications, including configuration- and annotation-based approaches. Gain insights into the speaker's approach for static detection of missing checks and remediation suggestions. Examine empirical results from applying this technique to real-world applications, understanding common authorization mistakes made by developers. Delve into the importance of robust access control in modern software systems and the potential consequences of privilege escalation vulnerabilities.