Overview
Explore the hidden dangers of Shadow and Zombie APIs in this 22-minute conference talk from BSidesLV. Learn to understand, discover, and identify these potential security vulnerabilities that can expose private information or create unintended backdoors. Delve into the problem scope, classical solutions, and practical techniques for popular Web API frameworks like Express.js and SpringBoot using Interactive Application Security Testing. Discover methods to increase difficulty for adversaries and see a demonstration of an open-source tool designed to proactively bridge the gap between API specifications and actual exposures. Gain valuable insights from speaker Amit Srour on protecting your systems from these unexpected threats.
Syllabus
Ground Floor, Tue, Aug 6, 17:00 - Tue, Aug 6, CDT
Taught by
BSidesLV