Class Central is learner-supported. When you buy through links on our site, we may earn an affiliate commission.

NDC Conferences

Getting API Security Right

NDC Conferences via YouTube

Overview

Explore best practices for securing APIs in this comprehensive NDC Security 2022 conference talk. Dive into real-world cases illustrating the evolving API landscape and its impact on application security. Learn about the API attack surface, common authorization problems, and effective techniques to mitigate vulnerabilities. Gain actionable guidelines to assess and enhance your API security, covering topics such as enforcing sensible limits, handling sensitive data exposure, implementing function-level authorization, and understanding JWT security. Discover the importance of proper client controls, mass assignment prevention, and API testing. Examine the role of API firewalls, auditability, and token management in creating a robust security framework. By the end of this talk, acquire valuable insights to fortify your APIs against potential threats and ensure a secure application ecosystem.

Syllabus

Intro
The cowboy years are over
Enforce sensible limits
The client is irrelevant
Client controls are useless
Sensitive Data Exposure
Mass Assignment
Test Your API
API Firewalls
Rest API
Implement Function Level Authorization
Auditability
Cookies
Tokens
Understand your requirements
Follow Jot Security
What happens when API goes wrong
Outro

Taught by

NDC Conferences

Reviews

Start your review of Getting API Security Right

Never Stop Learning.

Get personalized course recommendations, track subjects and courses with reminders, and more.

Someone learning on their laptop while sitting on the floor.