How a recent DirectDefense security assessment revealed a common application vulnerability through commandeering access controls.