Many security solutions, ancient or new, focus on catching security errors when code is written in stone. We need to change this approach if we want to defeat hackers who are not primarily targeting APIs, as they are easy to find, publicly available and exposing enterprise data. This talk proposes some approaches and how developers can leverage tools to find issues early, when they are easier to fix.
📚 What will you learn?
✅ API specific threats and why they are attractive to hackers
✅ The mistakes when writing and testing APIs
✅ Addressing API security mistakes
✅ Tools and tactics to the rescue
✅ API Security as Code
