SlideShare is now on Android. 15 million presentations at your fingertips.  Get the app

×
  • Share
  • Email
  • Embed
  • Like
  • Private Content
 

Hacking’s Gilded Age: How APIs Will Increase Risk And Chaos

by on Mar 04, 2012

  • 1,433 views

This presentation was given by Layer 7 CTO K. Scott Morrison at RSA Conference and explores why APIs (which are largely RESTful services) are fundamentally different than conventional Web sites, ...

This presentation was given by Layer 7 CTO K. Scott Morrison at RSA Conference and explores why APIs (which are largely RESTful services) are fundamentally different than conventional Web sites, despite the fact that they share common elements such as the HTTP protocol. Web sites abstract back-end applications behind a veneer of HTML that should — if it is well-designed — constrain capability and thus limit an organization’s security exposure. APIs, in contrast, represent a more explicit interface leading directly into applications. These often self-document their intent and thus provide a hacker with important clues that may reveal potential attack vectors — from penetration to denial-of-service. Because of this, APIs require a much more sophisticated model for access control, confidentiality around parameters, integrity of transactions, attack detection, throttling and auditing.

Statistics

Views

Total Views
1,433
Views on SlideShare
874
Embed Views
559

Actions

Likes
0
Downloads
8
Comments
0

2 Embeds 559

http://www.layer7tech.com 558
http://www.layer7.com 1

Accessibility

Categories

Upload Details

Uploaded via SlideShare as Microsoft PowerPoint

Usage Rights

© All Rights Reserved

Report content

Flagged as inappropriate Flag as inappropriate
Flag as inappropriate

Select your reason for flagging this presentation as inappropriate.

Cancel
Post Comment
Edit your comment

Hacking’s Gilded Age: How APIs Will Increase Risk And Chaos Hacking’s Gilded Age: How APIs Will Increase Risk And Chaos Presentation Transcript