Common REST API Security Pitfalls

Common REST API Security Pitfalls

OWASP Foundation via YouTube Direct link

Guidelines

6 of 31

6 of 31

Guidelines

Class Central Classrooms beta

YouTube videos curated by Class Central.

Classroom Contents

Common REST API Security Pitfalls

Automatically move to the next video in the Classroom when playback concludes

  1. 1 Intro
  2. 2 Demo
  3. 3 About me
  4. 4 API
  5. 5 HTTP
  6. 6 Guidelines
  7. 7 HTTPStrict Transport Security
  8. 8 Warming Up
  9. 9 Application Layer
  10. 10 Endpoints
  11. 11 State Changing Operations
  12. 12 Missing Authorization
  13. 13 Session Information
  14. 14 Clientside Session Data
  15. 15 JSON Web Token
  16. 16 Decode Functions
  17. 17 Token Misuse
  18. 18 JSON Web Token Rabbit Hole
  19. 19 Cookies
  20. 20 Authorization Header
  21. 21 Attachment to outgoing requests
  22. 22 Default solutions
  23. 23 Crosssite request forgery
  24. 24 Transparent token
  25. 25 Crossorigin resource sharing
  26. 26 Custom headers
  27. 27 Cookies for API
  28. 28 Input validation
  29. 29 Input validation best practices
  30. 30 Over or under estimating input validation
  31. 31 Build secure stuff

Never Stop Learning.

Get personalized course recommendations, track subjects and courses with reminders, and more.

Someone learning on their laptop while sitting on the floor.