SlideShare a Scribd company logo

Codemotion 2022 - API Security Workshop.pdf

Francisco Javier Barrena
Francisco Javier Barrena

Si tu API es pública, y lo será al 99% de probabilidades, está expuesta a ataques. "Aiii, pero es que mi API no está documentada, y nadie sabe donde está, entonces no me la pueden atacar" - Dice un developer (/) ( ? ?° ? ? ? ?°) ?? ?? Claro que si guapi... Los ataques a APIs se han incrementado un 681% en los últimos 12 meses, y eso tiene una razón. Generalmente, no se protegen adecuadamente, y son una manera estupenda de exfiltrar datos ya que en muchas ocasiones ni siquiera se monitoriza. En este taller veremos cómo securizar una API de forma práctica, y divertida ;)

Engineering
1 of 5
Download to read offline
API Security Workshop to harden your API At least what you can…
01 02 05 04 03 06 Table of contents Know the most common API attacks API Attacks Secure API design Cheap tooltips to design your API securely APIs and Docker Don’t have a DevOps in your team? Don’t worry… Monitoring Security must be ensured not only by developers… Coding! A set of examples to apply learned concepts! Security architecture elements What can I add?
Requirements for this workshop You will need… ● Node and NPM ● Docker ● Git ● Internet connection ● An IDE (Visual Studio Code, i.e)
Install things
CREDITS: This presentation template was created by Slidesgo, including icons by Flaticon and infographics & images by Freepik Thanks! Do you have any questions? francisco@kyso.io @DogDeveloper at Twitter kyso.io Please keep this slide for attribution

Recommended

Samsung Indonesia: Tizen Native App
Samsung Indonesia: Tizen Native AppSamsung Indonesia: Tizen Native App
Samsung Indonesia: Tizen Native AppRyo Jin
 
Announcing AWS CodeBuild - January 2017 Online Teck Talks
Announcing AWS CodeBuild - January 2017 Online Teck TalksAnnouncing AWS CodeBuild - January 2017 Online Teck Talks
Announcing AWS CodeBuild - January 2017 Online Teck TalksAmazon Web Services
 
External Editors for Arduino
External Editors for ArduinoExternal Editors for Arduino
External Editors for Arduinoarduinoatbangladesh
 
DevOps on AWS
DevOps on AWSDevOps on AWS
DevOps on AWSAmazon Web Services
 
A Tale of Two Pizzas: Accelerating Software Delivery with AWS Developer Tools
A Tale of Two Pizzas: Accelerating Software Delivery with AWS Developer ToolsA Tale of Two Pizzas: Accelerating Software Delivery with AWS Developer Tools
A Tale of Two Pizzas: Accelerating Software Delivery with AWS Developer ToolsAmazon Web Services
 
A Tale of Two Pizzas: Accelerating Software Delivery with AWS Developer Tools
A Tale of Two Pizzas: Accelerating Software Delivery with AWS Developer ToolsA Tale of Two Pizzas: Accelerating Software Delivery with AWS Developer Tools
A Tale of Two Pizzas: Accelerating Software Delivery with AWS Developer ToolsAmazon Web Services
 
The Best Python IDEs and Code Editors.pdf
The Best Python IDEs and Code Editors.pdfThe Best Python IDEs and Code Editors.pdf
The Best Python IDEs and Code Editors.pdfAppdeveloper10
 
ENT201 A Tale of Two Pizzas: Accelerating Software Delivery with AWS Develope...
ENT201 A Tale of Two Pizzas: Accelerating Software Delivery with AWS Develope...ENT201 A Tale of Two Pizzas: Accelerating Software Delivery with AWS Develope...
ENT201 A Tale of Two Pizzas: Accelerating Software Delivery with AWS Develope...Amazon Web Services
 

Recommended

Samsung Indonesia: Tizen Native App
Samsung Indonesia: Tizen Native AppSamsung Indonesia: Tizen Native App
Samsung Indonesia: Tizen Native AppRyo Jin
 
Announcing AWS CodeBuild - January 2017 Online Teck Talks
Announcing AWS CodeBuild - January 2017 Online Teck TalksAnnouncing AWS CodeBuild - January 2017 Online Teck Talks
Announcing AWS CodeBuild - January 2017 Online Teck TalksAmazon Web Services
 
External Editors for Arduino
External Editors for ArduinoExternal Editors for Arduino
External Editors for Arduinoarduinoatbangladesh
 
DevOps on AWS
DevOps on AWSDevOps on AWS
DevOps on AWSAmazon Web Services
 
A Tale of Two Pizzas: Accelerating Software Delivery with AWS Developer Tools
A Tale of Two Pizzas: Accelerating Software Delivery with AWS Developer ToolsA Tale of Two Pizzas: Accelerating Software Delivery with AWS Developer Tools
A Tale of Two Pizzas: Accelerating Software Delivery with AWS Developer ToolsAmazon Web Services
 
A Tale of Two Pizzas: Accelerating Software Delivery with AWS Developer Tools
A Tale of Two Pizzas: Accelerating Software Delivery with AWS Developer ToolsA Tale of Two Pizzas: Accelerating Software Delivery with AWS Developer Tools
A Tale of Two Pizzas: Accelerating Software Delivery with AWS Developer ToolsAmazon Web Services
 
The Best Python IDEs and Code Editors.pdf
The Best Python IDEs and Code Editors.pdfThe Best Python IDEs and Code Editors.pdf
The Best Python IDEs and Code Editors.pdfAppdeveloper10
 
ENT201 A Tale of Two Pizzas: Accelerating Software Delivery with AWS Develope...
ENT201 A Tale of Two Pizzas: Accelerating Software Delivery with AWS Develope...ENT201 A Tale of Two Pizzas: Accelerating Software Delivery with AWS Develope...
ENT201 A Tale of Two Pizzas: Accelerating Software Delivery with AWS Develope...Amazon Web Services
 
SRV312 DevOps on AWS: Building Systems to Deliver Faster
SRV312 DevOps on AWS: Building Systems to Deliver FasterSRV312 DevOps on AWS: Building Systems to Deliver Faster
SRV312 DevOps on AWS: Building Systems to Deliver FasterAmazon Web Services
 
Getting Started With Continuous Delivery on AWS - AWS April 2016 Webinar Series
Getting Started With Continuous Delivery on AWS - AWS April 2016 Webinar SeriesGetting Started With Continuous Delivery on AWS - AWS April 2016 Webinar Series
Getting Started With Continuous Delivery on AWS - AWS April 2016 Webinar SeriesAmazon Web Services
 
Dominik Veselý - Vše co jste kdy chtěli vědět o CI a báli jste se zeptat
Dominik Veselý - Vše co jste kdy chtěli vědět o CI a báli jste se zeptatDominik Veselý - Vše co jste kdy chtěli vědět o CI a báli jste se zeptat
Dominik Veselý - Vše co jste kdy chtěli vědět o CI a báli jste se zeptatmdevtalk
 
JSCONF 2018 - Baking security into DevOps - a tale of hunting down bugs befor...
JSCONF 2018 - Baking security into DevOps - a tale of hunting down bugs befor...JSCONF 2018 - Baking security into DevOps - a tale of hunting down bugs befor...
JSCONF 2018 - Baking security into DevOps - a tale of hunting down bugs befor...Wouter Bloeyaert
 
Tizen Native Application Development with C/C++
Tizen Native Application Development with C/C++Tizen Native Application Development with C/C++
Tizen Native Application Development with C/C++Gilang Mentari Hamidy
 
I Love APIs - Oct 2015
I Love APIs - Oct 2015I Love APIs - Oct 2015
I Love APIs - Oct 2015Mike McNeil
 
Code detox
Code detoxCode detox
Code detoxAmr Elghadban (AmrAngry)
 
Wintellect - Devscovery - Portable Class Library
Wintellect - Devscovery - Portable Class LibraryWintellect - Devscovery - Portable Class Library
Wintellect - Devscovery - Portable Class LibraryJeremy Likness
 
DevOps on AWS: Deep Dive on Continuous Delivery and the AWS Developer Tools
DevOps on AWS: Deep Dive on Continuous Delivery and the AWS Developer ToolsDevOps on AWS: Deep Dive on Continuous Delivery and the AWS Developer Tools
DevOps on AWS: Deep Dive on Continuous Delivery and the AWS Developer ToolsAmazon Web Services
 
Building Better IoT Applications without Servers
Building Better IoT Applications without ServersBuilding Better IoT Applications without Servers
Building Better IoT Applications without ServersIan Massingham
 
DevOps on AWS: DevOps Day San Francisco
DevOps on AWS: DevOps Day San FranciscoDevOps on AWS: DevOps Day San Francisco
DevOps on AWS: DevOps Day San FranciscoAmazon Web Services
 
Developer Tools at AWS 2018.pdf
Developer Tools at AWS 2018.pdfDeveloper Tools at AWS 2018.pdf
Developer Tools at AWS 2018.pdfAmazon Web Services
 
ENT201 A Tale of Two Pizzas: Accelerating Software Delivery with AWS Develope...
ENT201 A Tale of Two Pizzas: Accelerating Software Delivery with AWS Develope...ENT201 A Tale of Two Pizzas: Accelerating Software Delivery with AWS Develope...
ENT201 A Tale of Two Pizzas: Accelerating Software Delivery with AWS Develope...Amazon Web Services
 
The Dev, Sec and Ops of API Security - NordicAPIs
The Dev, Sec and Ops of API Security - NordicAPIsThe Dev, Sec and Ops of API Security - NordicAPIs
The Dev, Sec and Ops of API Security - NordicAPIs42Crunch
 
How To Become A DevOps Engineer | Who Is A DevOps Engineer? | DevOps Engineer...
How To Become A DevOps Engineer | Who Is A DevOps Engineer? | DevOps Engineer...How To Become A DevOps Engineer | Who Is A DevOps Engineer? | DevOps Engineer...
How To Become A DevOps Engineer | Who Is A DevOps Engineer? | DevOps Engineer...Simplilearn
 
Application Lifecycle Management
Application Lifecycle ManagementApplication Lifecycle Management
Application Lifecycle ManagementAmazon Web Services
 
Introduction to AWS CodeStar: Quickly develop, build, and deploy applications...
Introduction to AWS CodeStar: Quickly develop, build, and deploy applications...Introduction to AWS CodeStar: Quickly develop, build, and deploy applications...
Introduction to AWS CodeStar: Quickly develop, build, and deploy applications...Amazon Web Services
 
DevOps and Application Security
DevOps and Application SecurityDevOps and Application Security
DevOps and Application SecurityShahee Mirza
 
Scale security for a dollar or less
Scale security for a dollar or lessScale security for a dollar or less
Scale security for a dollar or lessMohammed A. Imran
 
ABN AMRO DevSecOps Journey
ABN AMRO DevSecOps JourneyABN AMRO DevSecOps Journey
ABN AMRO DevSecOps JourneyDerek E. Weeks
 
¡Cookiegeddon! Bye a las cookies de terceros y cómo afectará a tu software
¡Cookiegeddon! Bye a las cookies de terceros y cómo afectará a tu software¡Cookiegeddon! Bye a las cookies de terceros y cómo afectará a tu software
¡Cookiegeddon! Bye a las cookies de terceros y cómo afectará a tu softwareFrancisco Javier Barrena
 
VLCSofting 2021 - HARD AS A POD 落. HARDENING DE DESPLIEGUES EN KUBERNETES CON...
VLCSofting 2021 - HARD AS A POD 落. HARDENING DE DESPLIEGUES EN KUBERNETES CON...VLCSofting 2021 - HARD AS A POD 落. HARDENING DE DESPLIEGUES EN KUBERNETES CON...
VLCSofting 2021 - HARD AS A POD 落. HARDENING DE DESPLIEGUES EN KUBERNETES CON...Francisco Javier Barrena
 

More Related Content

Similar to Codemotion 2022 - API Security Workshop.pdf

SRV312 DevOps on AWS: Building Systems to Deliver Faster
SRV312 DevOps on AWS: Building Systems to Deliver FasterSRV312 DevOps on AWS: Building Systems to Deliver Faster
SRV312 DevOps on AWS: Building Systems to Deliver FasterAmazon Web Services
 
Getting Started With Continuous Delivery on AWS - AWS April 2016 Webinar Series
Getting Started With Continuous Delivery on AWS - AWS April 2016 Webinar SeriesGetting Started With Continuous Delivery on AWS - AWS April 2016 Webinar Series
Getting Started With Continuous Delivery on AWS - AWS April 2016 Webinar SeriesAmazon Web Services
 
Dominik Veselý - Vše co jste kdy chtěli vědět o CI a báli jste se zeptat
Dominik Veselý - Vše co jste kdy chtěli vědět o CI a báli jste se zeptatDominik Veselý - Vše co jste kdy chtěli vědět o CI a báli jste se zeptat
Dominik Veselý - Vše co jste kdy chtěli vědět o CI a báli jste se zeptatmdevtalk
 
JSCONF 2018 - Baking security into DevOps - a tale of hunting down bugs befor...
JSCONF 2018 - Baking security into DevOps - a tale of hunting down bugs befor...JSCONF 2018 - Baking security into DevOps - a tale of hunting down bugs befor...
JSCONF 2018 - Baking security into DevOps - a tale of hunting down bugs befor...Wouter Bloeyaert
 
Tizen Native Application Development with C/C++
Tizen Native Application Development with C/C++Tizen Native Application Development with C/C++
Tizen Native Application Development with C/C++Gilang Mentari Hamidy
 
I Love APIs - Oct 2015
I Love APIs - Oct 2015I Love APIs - Oct 2015
I Love APIs - Oct 2015Mike McNeil
 
Wintellect - Devscovery - Portable Class Library
Wintellect - Devscovery - Portable Class LibraryWintellect - Devscovery - Portable Class Library
Wintellect - Devscovery - Portable Class LibraryJeremy Likness
 
DevOps on AWS: Deep Dive on Continuous Delivery and the AWS Developer Tools
DevOps on AWS: Deep Dive on Continuous Delivery and the AWS Developer ToolsDevOps on AWS: Deep Dive on Continuous Delivery and the AWS Developer Tools
DevOps on AWS: Deep Dive on Continuous Delivery and the AWS Developer ToolsAmazon Web Services
 
Building Better IoT Applications without Servers
Building Better IoT Applications without ServersBuilding Better IoT Applications without Servers
Building Better IoT Applications without ServersIan Massingham
 
DevOps on AWS: DevOps Day San Francisco
DevOps on AWS: DevOps Day San FranciscoDevOps on AWS: DevOps Day San Francisco
DevOps on AWS: DevOps Day San FranciscoAmazon Web Services
 
ENT201 A Tale of Two Pizzas: Accelerating Software Delivery with AWS Develope...
ENT201 A Tale of Two Pizzas: Accelerating Software Delivery with AWS Develope...ENT201 A Tale of Two Pizzas: Accelerating Software Delivery with AWS Develope...
ENT201 A Tale of Two Pizzas: Accelerating Software Delivery with AWS Develope...Amazon Web Services
 
The Dev, Sec and Ops of API Security - NordicAPIs
The Dev, Sec and Ops of API Security - NordicAPIsThe Dev, Sec and Ops of API Security - NordicAPIs
The Dev, Sec and Ops of API Security - NordicAPIs42Crunch
 
How To Become A DevOps Engineer | Who Is A DevOps Engineer? | DevOps Engineer...
How To Become A DevOps Engineer | Who Is A DevOps Engineer? | DevOps Engineer...How To Become A DevOps Engineer | Who Is A DevOps Engineer? | DevOps Engineer...
How To Become A DevOps Engineer | Who Is A DevOps Engineer? | DevOps Engineer...Simplilearn
 
Application Lifecycle Management
Application Lifecycle ManagementApplication Lifecycle Management
Application Lifecycle ManagementAmazon Web Services
 
Introduction to AWS CodeStar: Quickly develop, build, and deploy applications...
Introduction to AWS CodeStar: Quickly develop, build, and deploy applications...Introduction to AWS CodeStar: Quickly develop, build, and deploy applications...
Introduction to AWS CodeStar: Quickly develop, build, and deploy applications...Amazon Web Services
 
DevOps and Application Security
DevOps and Application SecurityDevOps and Application Security
DevOps and Application SecurityShahee Mirza
 
Scale security for a dollar or less
Scale security for a dollar or lessScale security for a dollar or less
Scale security for a dollar or lessMohammed A. Imran
 
ABN AMRO DevSecOps Journey
ABN AMRO DevSecOps JourneyABN AMRO DevSecOps Journey
ABN AMRO DevSecOps JourneyDerek E. Weeks
 

Similar to Codemotion 2022 - API Security Workshop.pdf (20)

SRV312 DevOps on AWS: Building Systems to Deliver Faster
SRV312 DevOps on AWS: Building Systems to Deliver FasterSRV312 DevOps on AWS: Building Systems to Deliver Faster
SRV312 DevOps on AWS: Building Systems to Deliver Faster
 
Getting Started With Continuous Delivery on AWS - AWS April 2016 Webinar Series
Getting Started With Continuous Delivery on AWS - AWS April 2016 Webinar SeriesGetting Started With Continuous Delivery on AWS - AWS April 2016 Webinar Series
Getting Started With Continuous Delivery on AWS - AWS April 2016 Webinar Series
 
Dominik Veselý - Vše co jste kdy chtěli vědět o CI a báli jste se zeptat
Dominik Veselý - Vše co jste kdy chtěli vědět o CI a báli jste se zeptatDominik Veselý - Vše co jste kdy chtěli vědět o CI a báli jste se zeptat
Dominik Veselý - Vše co jste kdy chtěli vědět o CI a báli jste se zeptat
 
JSCONF 2018 - Baking security into DevOps - a tale of hunting down bugs befor...
JSCONF 2018 - Baking security into DevOps - a tale of hunting down bugs befor...JSCONF 2018 - Baking security into DevOps - a tale of hunting down bugs befor...
JSCONF 2018 - Baking security into DevOps - a tale of hunting down bugs befor...
 
Tizen Native Application Development with C/C++
Tizen Native Application Development with C/C++Tizen Native Application Development with C/C++
Tizen Native Application Development with C/C++
 
I Love APIs - Oct 2015
I Love APIs - Oct 2015I Love APIs - Oct 2015
I Love APIs - Oct 2015
 
Code detox
Code detoxCode detox
Code detox
 
Wintellect - Devscovery - Portable Class Library
Wintellect - Devscovery - Portable Class LibraryWintellect - Devscovery - Portable Class Library
Wintellect - Devscovery - Portable Class Library
 
DevOps on AWS: Deep Dive on Continuous Delivery and the AWS Developer Tools
DevOps on AWS: Deep Dive on Continuous Delivery and the AWS Developer ToolsDevOps on AWS: Deep Dive on Continuous Delivery and the AWS Developer Tools
DevOps on AWS: Deep Dive on Continuous Delivery and the AWS Developer Tools
 
Building Better IoT Applications without Servers
Building Better IoT Applications without ServersBuilding Better IoT Applications without Servers
Building Better IoT Applications without Servers
 
DevOps on AWS: DevOps Day San Francisco
DevOps on AWS: DevOps Day San FranciscoDevOps on AWS: DevOps Day San Francisco
DevOps on AWS: DevOps Day San Francisco
 
Developer Tools at AWS 2018.pdf
Developer Tools at AWS 2018.pdfDeveloper Tools at AWS 2018.pdf
Developer Tools at AWS 2018.pdf
 
ENT201 A Tale of Two Pizzas: Accelerating Software Delivery with AWS Develope...
ENT201 A Tale of Two Pizzas: Accelerating Software Delivery with AWS Develope...ENT201 A Tale of Two Pizzas: Accelerating Software Delivery with AWS Develope...
ENT201 A Tale of Two Pizzas: Accelerating Software Delivery with AWS Develope...
 
The Dev, Sec and Ops of API Security - NordicAPIs
The Dev, Sec and Ops of API Security - NordicAPIsThe Dev, Sec and Ops of API Security - NordicAPIs
The Dev, Sec and Ops of API Security - NordicAPIs
 
How To Become A DevOps Engineer | Who Is A DevOps Engineer? | DevOps Engineer...
How To Become A DevOps Engineer | Who Is A DevOps Engineer? | DevOps Engineer...How To Become A DevOps Engineer | Who Is A DevOps Engineer? | DevOps Engineer...
How To Become A DevOps Engineer | Who Is A DevOps Engineer? | DevOps Engineer...
 
Application Lifecycle Management
Application Lifecycle ManagementApplication Lifecycle Management
Application Lifecycle Management
 
Introduction to AWS CodeStar: Quickly develop, build, and deploy applications...
Introduction to AWS CodeStar: Quickly develop, build, and deploy applications...Introduction to AWS CodeStar: Quickly develop, build, and deploy applications...
Introduction to AWS CodeStar: Quickly develop, build, and deploy applications...
 
DevOps and Application Security
DevOps and Application SecurityDevOps and Application Security
DevOps and Application Security
 
Scale security for a dollar or less
Scale security for a dollar or lessScale security for a dollar or less
Scale security for a dollar or less
 
ABN AMRO DevSecOps Journey
ABN AMRO DevSecOps JourneyABN AMRO DevSecOps Journey
ABN AMRO DevSecOps Journey
 

More from Francisco Javier Barrena

¡Cookiegeddon! Bye a las cookies de terceros y cómo afectará a tu software
¡Cookiegeddon! Bye a las cookies de terceros y cómo afectará a tu software¡Cookiegeddon! Bye a las cookies de terceros y cómo afectará a tu software
¡Cookiegeddon! Bye a las cookies de terceros y cómo afectará a tu softwareFrancisco Javier Barrena
 
VLCSofting 2021 - HARD AS A POD 落. HARDENING DE DESPLIEGUES EN KUBERNETES CON...
VLCSofting 2021 - HARD AS A POD 落. HARDENING DE DESPLIEGUES EN KUBERNETES CON...VLCSofting 2021 - HARD AS A POD 落. HARDENING DE DESPLIEGUES EN KUBERNETES CON...
VLCSofting 2021 - HARD AS A POD 落. HARDENING DE DESPLIEGUES EN KUBERNETES CON...Francisco Javier Barrena
 
Welcome to Gotham - Nuevas formas ingeniosas y terroríficas de ciberataques
Welcome to Gotham - Nuevas formas ingeniosas y terroríficas de ciberataquesWelcome to Gotham - Nuevas formas ingeniosas y terroríficas de ciberataques
Welcome to Gotham - Nuevas formas ingeniosas y terroríficas de ciberataquesFrancisco Javier Barrena
 
Codemotion 2021 - The Rustalorian: Este es el camino
Codemotion 2021 - The Rustalorian: Este es el caminoCodemotion 2021 - The Rustalorian: Este es el camino
Codemotion 2021 - The Rustalorian: Este es el caminoFrancisco Javier Barrena
 
Deja de ser el rival más débil con DevSecOps
Deja de ser el rival más débil con DevSecOpsDeja de ser el rival más débil con DevSecOps
Deja de ser el rival más débil con DevSecOpsFrancisco Javier Barrena
 
Codemotion 2020 - Big Data en Ciberseguridad: mejor morir de pie que vivir ar...
Codemotion 2020 - Big Data en Ciberseguridad: mejor morir de pie que vivir ar...Codemotion 2020 - Big Data en Ciberseguridad: mejor morir de pie que vivir ar...
Codemotion 2020 - Big Data en Ciberseguridad: mejor morir de pie que vivir ar...Francisco Javier Barrena
 
Webinar Codemotion 2020 - Piratas del Cloud
Webinar Codemotion 2020 - Piratas del CloudWebinar Codemotion 2020 - Piratas del Cloud
Webinar Codemotion 2020 - Piratas del CloudFrancisco Javier Barrena
 
TotoConf2020 - Técnicas OSINT que te dejarán con el PAPO torcido
TotoConf2020 - Técnicas OSINT que te dejarán con el PAPO torcidoTotoConf2020 - Técnicas OSINT que te dejarán con el PAPO torcido
TotoConf2020 - Técnicas OSINT que te dejarán con el PAPO torcidoFrancisco Javier Barrena
 
Ciberseguridad en el Cloud - ¿Y es que eso no puede hacerlo otro?
Ciberseguridad en el Cloud - ¿Y es que eso no puede hacerlo otro?Ciberseguridad en el Cloud - ¿Y es que eso no puede hacerlo otro?
Ciberseguridad en el Cloud - ¿Y es que eso no puede hacerlo otro?Francisco Javier Barrena
 
NestJS: Backends en Node para Javeros y Puntoneteros
NestJS: Backends en Node para Javeros y PuntoneterosNestJS: Backends en Node para Javeros y Puntoneteros
NestJS: Backends en Node para Javeros y PuntoneterosFrancisco Javier Barrena
 
Angular 6 + Angular Elements: Write once, run anywhere
Angular 6 + Angular Elements: Write once, run anywhereAngular 6 + Angular Elements: Write once, run anywhere
Angular 6 + Angular Elements: Write once, run anywhereFrancisco Javier Barrena
 
Machine Learning ¿A TODO GAS? con GraalVM
Machine Learning ¿A TODO GAS? con GraalVMMachine Learning ¿A TODO GAS? con GraalVM
Machine Learning ¿A TODO GAS? con GraalVMFrancisco Javier Barrena
 
Aplicaciones Absurdamente Rápidas con Quarkus.io
Aplicaciones Absurdamente Rápidas con Quarkus.ioAplicaciones Absurdamente Rápidas con Quarkus.io
Aplicaciones Absurdamente Rápidas con Quarkus.ioFrancisco Javier Barrena
 

More from Francisco Javier Barrena (15)

¡Cookiegeddon! Bye a las cookies de terceros y cómo afectará a tu software
¡Cookiegeddon! Bye a las cookies de terceros y cómo afectará a tu software¡Cookiegeddon! Bye a las cookies de terceros y cómo afectará a tu software
¡Cookiegeddon! Bye a las cookies de terceros y cómo afectará a tu software
 
VLCSofting 2021 - HARD AS A POD 落. HARDENING DE DESPLIEGUES EN KUBERNETES CON...
VLCSofting 2021 - HARD AS A POD 落. HARDENING DE DESPLIEGUES EN KUBERNETES CON...VLCSofting 2021 - HARD AS A POD 落. HARDENING DE DESPLIEGUES EN KUBERNETES CON...
VLCSofting 2021 - HARD AS A POD 落. HARDENING DE DESPLIEGUES EN KUBERNETES CON...
 
Semana de la I+D - Proyecto OPOSSUM
Semana de la I+D - Proyecto OPOSSUMSemana de la I+D - Proyecto OPOSSUM
Semana de la I+D - Proyecto OPOSSUM
 
Welcome to Gotham - Nuevas formas ingeniosas y terroríficas de ciberataques
Welcome to Gotham - Nuevas formas ingeniosas y terroríficas de ciberataquesWelcome to Gotham - Nuevas formas ingeniosas y terroríficas de ciberataques
Welcome to Gotham - Nuevas formas ingeniosas y terroríficas de ciberataques
 
Codemotion 2021 - The Rustalorian: Este es el camino
Codemotion 2021 - The Rustalorian: Este es el caminoCodemotion 2021 - The Rustalorian: Este es el camino
Codemotion 2021 - The Rustalorian: Este es el camino
 
Deja de ser el rival más débil con DevSecOps
Deja de ser el rival más débil con DevSecOpsDeja de ser el rival más débil con DevSecOps
Deja de ser el rival más débil con DevSecOps
 
Codemotion 2020 - Big Data en Ciberseguridad: mejor morir de pie que vivir ar...
Codemotion 2020 - Big Data en Ciberseguridad: mejor morir de pie que vivir ar...Codemotion 2020 - Big Data en Ciberseguridad: mejor morir de pie que vivir ar...
Codemotion 2020 - Big Data en Ciberseguridad: mejor morir de pie que vivir ar...
 
Webinar Codemotion 2020 - Piratas del Cloud
Webinar Codemotion 2020 - Piratas del CloudWebinar Codemotion 2020 - Piratas del Cloud
Webinar Codemotion 2020 - Piratas del Cloud
 
TotoConf2020 - Técnicas OSINT que te dejarán con el PAPO torcido
TotoConf2020 - Técnicas OSINT que te dejarán con el PAPO torcidoTotoConf2020 - Técnicas OSINT que te dejarán con el PAPO torcido
TotoConf2020 - Técnicas OSINT que te dejarán con el PAPO torcido
 
Ciberseguridad en el Cloud - ¿Y es que eso no puede hacerlo otro?
Ciberseguridad en el Cloud - ¿Y es que eso no puede hacerlo otro?Ciberseguridad en el Cloud - ¿Y es que eso no puede hacerlo otro?
Ciberseguridad en el Cloud - ¿Y es que eso no puede hacerlo otro?
 
NestJS: Backends en Node para Javeros y Puntoneteros
NestJS: Backends en Node para Javeros y PuntoneterosNestJS: Backends en Node para Javeros y Puntoneteros
NestJS: Backends en Node para Javeros y Puntoneteros
 
Angular 6 + Angular Elements: Write once, run anywhere
Angular 6 + Angular Elements: Write once, run anywhereAngular 6 + Angular Elements: Write once, run anywhere
Angular 6 + Angular Elements: Write once, run anywhere
 
Kubernetes - The Cloud King
Kubernetes - The Cloud KingKubernetes - The Cloud King
Kubernetes - The Cloud King
 
Machine Learning ¿A TODO GAS? con GraalVM
Machine Learning ¿A TODO GAS? con GraalVMMachine Learning ¿A TODO GAS? con GraalVM
Machine Learning ¿A TODO GAS? con GraalVM
 
Aplicaciones Absurdamente Rápidas con Quarkus.io
Aplicaciones Absurdamente Rápidas con Quarkus.ioAplicaciones Absurdamente Rápidas con Quarkus.io
Aplicaciones Absurdamente Rápidas con Quarkus.io
 

Recently uploaded

Processing & Properties of Floor and Wall Tiles.pptx
Processing & Properties of Floor and Wall Tiles.pptxProcessing & Properties of Floor and Wall Tiles.pptx
Processing & Properties of Floor and Wall Tiles.pptxpranjaldaimarysona
 
SPICE PARK APR2024 ( 6,793 SPICE Models )
SPICE PARK APR2024 ( 6,793 SPICE Models )SPICE PARK APR2024 ( 6,793 SPICE Models )
SPICE PARK APR2024 ( 6,793 SPICE Models )Tsuyoshi Horigome
 
Model Call Girl in Narela Delhi reach out to us at 🔝8264348440🔝
Model Call Girl in Narela Delhi reach out to us at 🔝8264348440🔝Model Call Girl in Narela Delhi reach out to us at 🔝8264348440🔝
Model Call Girl in Narela Delhi reach out to us at 🔝8264348440🔝soniya singh
 
Decoding Kotlin - Your guide to solving the mysterious in Kotlin.pptx
Decoding Kotlin - Your guide to solving the mysterious in Kotlin.pptxDecoding Kotlin - Your guide to solving the mysterious in Kotlin.pptx
Decoding Kotlin - Your guide to solving the mysterious in Kotlin.pptxJoão Esperancinha
 
Call Girls in Nagpur Suman Call 7001035870 Meet With Nagpur Escorts
Call Girls in Nagpur Suman Call 7001035870 Meet With Nagpur EscortsCall Girls in Nagpur Suman Call 7001035870 Meet With Nagpur Escorts
Call Girls in Nagpur Suman Call 7001035870 Meet With Nagpur EscortsCall Girls in Nagpur High Profile
 
The Most Attractive Pune Call Girls Budhwar Peth 8250192130 Will You Miss Thi...
The Most Attractive Pune Call Girls Budhwar Peth 8250192130 Will You Miss Thi...The Most Attractive Pune Call Girls Budhwar Peth 8250192130 Will You Miss Thi...
The Most Attractive Pune Call Girls Budhwar Peth 8250192130 Will You Miss Thi...ranjana rawat
 
(ANJALI) Dange Chowk Call Girls Just Call 7001035870 [ Cash on Delivery ] Pun...
(ANJALI) Dange Chowk Call Girls Just Call 7001035870 [ Cash on Delivery ] Pun...(ANJALI) Dange Chowk Call Girls Just Call 7001035870 [ Cash on Delivery ] Pun...
(ANJALI) Dange Chowk Call Girls Just Call 7001035870 [ Cash on Delivery ] Pun...ranjana rawat
 
Call Girls Service Nashik Vaishnavi 7001305949 Independent Escort Service Nashik
Call Girls Service Nashik Vaishnavi 7001305949 Independent Escort Service NashikCall Girls Service Nashik Vaishnavi 7001305949 Independent Escort Service Nashik
Call Girls Service Nashik Vaishnavi 7001305949 Independent Escort Service NashikCall Girls in Nagpur High Profile
 
MANUFACTURING PROCESS-II UNIT-2 LATHE MACHINE
MANUFACTURING PROCESS-II UNIT-2 LATHE MACHINEMANUFACTURING PROCESS-II UNIT-2 LATHE MACHINE
MANUFACTURING PROCESS-II UNIT-2 LATHE MACHINESIVASHANKAR N
 
Call Girls Service Nagpur Tanvi Call 7001035870 Meet With Nagpur Escorts
Call Girls Service Nagpur Tanvi Call 7001035870 Meet With Nagpur EscortsCall Girls Service Nagpur Tanvi Call 7001035870 Meet With Nagpur Escorts
Call Girls Service Nagpur Tanvi Call 7001035870 Meet With Nagpur EscortsCall Girls in Nagpur High Profile
 
(SHREYA) Chakan Call Girls Just Call 7001035870 [ Cash on Delivery ] Pune Esc...
(SHREYA) Chakan Call Girls Just Call 7001035870 [ Cash on Delivery ] Pune Esc...(SHREYA) Chakan Call Girls Just Call 7001035870 [ Cash on Delivery ] Pune Esc...
(SHREYA) Chakan Call Girls Just Call 7001035870 [ Cash on Delivery ] Pune Esc...ranjana rawat
 
Booking open Available Pune Call Girls Koregaon Park 6297143586 Call Hot Ind...
Booking open Available Pune Call Girls Koregaon Park 6297143586 Call Hot Ind...Booking open Available Pune Call Girls Koregaon Park 6297143586 Call Hot Ind...
Booking open Available Pune Call Girls Koregaon Park 6297143586 Call Hot Ind...Call Girls in Nagpur High Profile
 
College Call Girls Nashik Nehal 7001305949 Independent Escort Service Nashik
College Call Girls Nashik Nehal 7001305949 Independent Escort Service NashikCollege Call Girls Nashik Nehal 7001305949 Independent Escort Service Nashik
College Call Girls Nashik Nehal 7001305949 Independent Escort Service NashikCall Girls in Nagpur High Profile
 
HARMONY IN THE NATURE AND EXISTENCE - Unit-IV
HARMONY IN THE NATURE AND EXISTENCE - Unit-IVHARMONY IN THE NATURE AND EXISTENCE - Unit-IV
HARMONY IN THE NATURE AND EXISTENCE - Unit-IVRajaP95
 
(PRIYA) Rajgurunagar Call Girls Just Call 7001035870 [ Cash on Delivery ] Pun...
(PRIYA) Rajgurunagar Call Girls Just Call 7001035870 [ Cash on Delivery ] Pun...(PRIYA) Rajgurunagar Call Girls Just Call 7001035870 [ Cash on Delivery ] Pun...
(PRIYA) Rajgurunagar Call Girls Just Call 7001035870 [ Cash on Delivery ] Pun...ranjana rawat
 
Software Development Life Cycle By Team Orange (Dept. of Pharmacy)
Software Development Life Cycle By Team Orange (Dept. of Pharmacy)Software Development Life Cycle By Team Orange (Dept. of Pharmacy)
Software Development Life Cycle By Team Orange (Dept. of Pharmacy)Suman Mia
 
IMPLICATIONS OF THE ABOVE HOLISTIC UNDERSTANDING OF HARMONY ON PROFESSIONAL E...
IMPLICATIONS OF THE ABOVE HOLISTIC UNDERSTANDING OF HARMONY ON PROFESSIONAL E...IMPLICATIONS OF THE ABOVE HOLISTIC UNDERSTANDING OF HARMONY ON PROFESSIONAL E...
IMPLICATIONS OF THE ABOVE HOLISTIC UNDERSTANDING OF HARMONY ON PROFESSIONAL E...RajaP95
 
Introduction to Multiple Access Protocol.pptx
Introduction to Multiple Access Protocol.pptxIntroduction to Multiple Access Protocol.pptx
Introduction to Multiple Access Protocol.pptxupamatechverse
 

Recently uploaded (20)

Roadmap to Membership of RICS - Pathways and Routes
Roadmap to Membership of RICS - Pathways and RoutesRoadmap to Membership of RICS - Pathways and Routes
Roadmap to Membership of RICS - Pathways and Routes
 
Processing & Properties of Floor and Wall Tiles.pptx
Processing & Properties of Floor and Wall Tiles.pptxProcessing & Properties of Floor and Wall Tiles.pptx
Processing & Properties of Floor and Wall Tiles.pptx
 
SPICE PARK APR2024 ( 6,793 SPICE Models )
SPICE PARK APR2024 ( 6,793 SPICE Models )SPICE PARK APR2024 ( 6,793 SPICE Models )
SPICE PARK APR2024 ( 6,793 SPICE Models )
 
Model Call Girl in Narela Delhi reach out to us at 🔝8264348440🔝
Model Call Girl in Narela Delhi reach out to us at 🔝8264348440🔝Model Call Girl in Narela Delhi reach out to us at 🔝8264348440🔝
Model Call Girl in Narela Delhi reach out to us at 🔝8264348440🔝
 
Decoding Kotlin - Your guide to solving the mysterious in Kotlin.pptx
Decoding Kotlin - Your guide to solving the mysterious in Kotlin.pptxDecoding Kotlin - Your guide to solving the mysterious in Kotlin.pptx
Decoding Kotlin - Your guide to solving the mysterious in Kotlin.pptx
 
Call Girls in Nagpur Suman Call 7001035870 Meet With Nagpur Escorts
Call Girls in Nagpur Suman Call 7001035870 Meet With Nagpur EscortsCall Girls in Nagpur Suman Call 7001035870 Meet With Nagpur Escorts
Call Girls in Nagpur Suman Call 7001035870 Meet With Nagpur Escorts
 
The Most Attractive Pune Call Girls Budhwar Peth 8250192130 Will You Miss Thi...
The Most Attractive Pune Call Girls Budhwar Peth 8250192130 Will You Miss Thi...The Most Attractive Pune Call Girls Budhwar Peth 8250192130 Will You Miss Thi...
The Most Attractive Pune Call Girls Budhwar Peth 8250192130 Will You Miss Thi...
 
(ANJALI) Dange Chowk Call Girls Just Call 7001035870 [ Cash on Delivery ] Pun...
(ANJALI) Dange Chowk Call Girls Just Call 7001035870 [ Cash on Delivery ] Pun...(ANJALI) Dange Chowk Call Girls Just Call 7001035870 [ Cash on Delivery ] Pun...
(ANJALI) Dange Chowk Call Girls Just Call 7001035870 [ Cash on Delivery ] Pun...
 
Call Girls Service Nashik Vaishnavi 7001305949 Independent Escort Service Nashik
Call Girls Service Nashik Vaishnavi 7001305949 Independent Escort Service NashikCall Girls Service Nashik Vaishnavi 7001305949 Independent Escort Service Nashik
Call Girls Service Nashik Vaishnavi 7001305949 Independent Escort Service Nashik
 
MANUFACTURING PROCESS-II UNIT-2 LATHE MACHINE
MANUFACTURING PROCESS-II UNIT-2 LATHE MACHINEMANUFACTURING PROCESS-II UNIT-2 LATHE MACHINE
MANUFACTURING PROCESS-II UNIT-2 LATHE MACHINE
 
Call Girls Service Nagpur Tanvi Call 7001035870 Meet With Nagpur Escorts
Call Girls Service Nagpur Tanvi Call 7001035870 Meet With Nagpur EscortsCall Girls Service Nagpur Tanvi Call 7001035870 Meet With Nagpur Escorts
Call Girls Service Nagpur Tanvi Call 7001035870 Meet With Nagpur Escorts
 
(SHREYA) Chakan Call Girls Just Call 7001035870 [ Cash on Delivery ] Pune Esc...
(SHREYA) Chakan Call Girls Just Call 7001035870 [ Cash on Delivery ] Pune Esc...(SHREYA) Chakan Call Girls Just Call 7001035870 [ Cash on Delivery ] Pune Esc...
(SHREYA) Chakan Call Girls Just Call 7001035870 [ Cash on Delivery ] Pune Esc...
 
Booking open Available Pune Call Girls Koregaon Park 6297143586 Call Hot Ind...
Booking open Available Pune Call Girls Koregaon Park 6297143586 Call Hot Ind...Booking open Available Pune Call Girls Koregaon Park 6297143586 Call Hot Ind...
Booking open Available Pune Call Girls Koregaon Park 6297143586 Call Hot Ind...
 
College Call Girls Nashik Nehal 7001305949 Independent Escort Service Nashik
College Call Girls Nashik Nehal 7001305949 Independent Escort Service NashikCollege Call Girls Nashik Nehal 7001305949 Independent Escort Service Nashik
College Call Girls Nashik Nehal 7001305949 Independent Escort Service Nashik
 
HARMONY IN THE NATURE AND EXISTENCE - Unit-IV
HARMONY IN THE NATURE AND EXISTENCE - Unit-IVHARMONY IN THE NATURE AND EXISTENCE - Unit-IV
HARMONY IN THE NATURE AND EXISTENCE - Unit-IV
 
(PRIYA) Rajgurunagar Call Girls Just Call 7001035870 [ Cash on Delivery ] Pun...
(PRIYA) Rajgurunagar Call Girls Just Call 7001035870 [ Cash on Delivery ] Pun...(PRIYA) Rajgurunagar Call Girls Just Call 7001035870 [ Cash on Delivery ] Pun...
(PRIYA) Rajgurunagar Call Girls Just Call 7001035870 [ Cash on Delivery ] Pun...
 
Software Development Life Cycle By Team Orange (Dept. of Pharmacy)
Software Development Life Cycle By Team Orange (Dept. of Pharmacy)Software Development Life Cycle By Team Orange (Dept. of Pharmacy)
Software Development Life Cycle By Team Orange (Dept. of Pharmacy)
 
IMPLICATIONS OF THE ABOVE HOLISTIC UNDERSTANDING OF HARMONY ON PROFESSIONAL E...
IMPLICATIONS OF THE ABOVE HOLISTIC UNDERSTANDING OF HARMONY ON PROFESSIONAL E...IMPLICATIONS OF THE ABOVE HOLISTIC UNDERSTANDING OF HARMONY ON PROFESSIONAL E...
IMPLICATIONS OF THE ABOVE HOLISTIC UNDERSTANDING OF HARMONY ON PROFESSIONAL E...
 
DJARUM4D - SLOT GACOR ONLINE | SLOT DEMO ONLINE
DJARUM4D - SLOT GACOR ONLINE | SLOT DEMO ONLINEDJARUM4D - SLOT GACOR ONLINE | SLOT DEMO ONLINE
DJARUM4D - SLOT GACOR ONLINE | SLOT DEMO ONLINE
 
Introduction to Multiple Access Protocol.pptx
Introduction to Multiple Access Protocol.pptxIntroduction to Multiple Access Protocol.pptx
Introduction to Multiple Access Protocol.pptx
 

Codemotion 2022 - API Security Workshop.pdf

  • 1. API Security Workshop to harden your API At least what you can…
  • 2. 01 02 05 04 03 06 Table of contents Know the most common API attacks API Attacks Secure API design Cheap tooltips to design your API securely APIs and Docker Don’t have a DevOps in your team? Don’t worry… Monitoring Security must be ensured not only by developers… Coding! A set of examples to apply learned concepts! Security architecture elements What can I add?
  • 3. Requirements for this workshop You will need… ● Node and NPM ● Docker ● Git ● Internet connection ● An IDE (Visual Studio Code, i.e)
  • 5. CREDITS: This presentation template was created by Slidesgo, including icons by Flaticon and infographics & images by Freepik Thanks! Do you have any questions? francisco@kyso.io @DogDeveloper at Twitter kyso.io Please keep this slide for attribution