Class Central is learner-supported. When you buy through links on our site, we may earn an affiliate commission.

YouTube

Using API Specifications to Attack APIs

LASCON via YouTube

Overview

Explore how API specifications can be leveraged to identify and exploit vulnerabilities in a 57-minute conference talk from LASCON. Delve into recent breaches caused by misconfigured APIs and learn how scanning tools can help detect these vulnerabilities. Examine the role of API spec frameworks like OpenAPI/Swagger in centralizing security conformance monitoring for development and security teams. Trace the history of API security and understand the importance of API specs in securing modern applications. Differentiate between various types of API documents, including documentation and specifications. Discover methods for locating APIs through public resources and scanners, as well as techniques for finding API specs both manually and automatically. Through attack and spec examples, gain insights into how attackers can use spec documents to target APIs. Presented by Jason Kent, Hacker In Residence at Cequence Security, this talk provides valuable knowledge for developers and security professionals alike.

Syllabus

Using your API Specs to attack your APIs - Jason Kent

Taught by

LASCON

Reviews

Start your review of Using API Specifications to Attack APIs

Never Stop Learning.

Get personalized course recommendations, track subjects and courses with reminders, and more.

Someone learning on their laptop while sitting on the floor.