You've used end-point security. You've got intrusion detection. Your dev teams practice shift-left security. You've got an NG WAF, and some RASPs. . . . but your apps still aren't secure. Why not?
The new battleground for attacking applications is at the API level. Not managing and mitigating your API risk is like locking your front door, but leaving your back door open. A major analyst firm predicts that by 2022, API abuses will be the most frequent attack vector resulting in data breaches. Is this all for real?
Inon Shkedy has been hacking API's since he first touched computers. He's hacked them as a member of the Israeli Army Red Team. He has security consulted for many companies big and small. He's also a co-author of the OWASP API Top 10 list, which focuses on the top vulnerabilities in this threat landscape. And he'll be your guide through the mind of an API attacker, so you can:
- Learn how this new battleground has come about
- See how common API attacks play out
- Understand why firewalls aren't enough
- Understand your options to mitigate API vulnerabilities