Class Central is learner-supported. When you buy through links on our site, we may earn an affiliate commission.

YouTube

Webhooks Hookups - Abusing API Developers

OWASP Foundation via YouTube

Overview

Explore the potential security risks of webhooks in this 26-minute conference talk from OWASP Global AppSec Tel Aviv. Delve into how the open-ended nature of webhook integrations can lead API developers to inadvertently expose sensitive data beyond intended boundaries, potentially resulting in network compromises. Examine real-world examples of vulnerable applications and learn about the researchers' experiences with discovering and responsibly disclosing webhook-related vulnerabilities. Gain insights into how webhook development tools are being exploited in the wild and discover practical preventive measures to mitigate these threats. Learn about a new toolkit designed to help audit organizational webhook exposure. Presented by Tomer Zait, Principal Security Researcher at F5, and Maxim Zavodchik, Security Research Manager at F5 Networks, this talk offers valuable knowledge for anyone involved in API development or cybersecurity.

Syllabus

Webhooks Hookups Abusing API Developers TOMER ZAIT & MAXIM ZAVODCHIK

Taught by

OWASP Foundation

Reviews

Start your review of Webhooks Hookups - Abusing API Developers

Never Stop Learning.

Get personalized course recommendations, track subjects and courses with reminders, and more.

Someone learning on their laptop while sitting on the floor.