AppSec & DevSecOps

D5: "The Web is APIs!!!" (apologies to Soylent Green)

Friday, September 23, 2022 9:30 AM - 10:30 AM

Room 503

APIs are a fundamental part of any modern system, but with this reliance on them it is necessary to understand and address the various security issues, weaknesses and gotchas inherent in API designs._x000D_ This presentation describes what the various APIs are, uncovers their fundamental flaws, shows how they are attacked, and wraps up with some simple, yet effective, ways of securing APIs, regardless of whether they are RESTful, GraphQL, SOAP or something else.