API breaches are increasing, with over 350 reported publicly since October 2018. The top causes are lack of input validation, rate limiting, data/exception leakage, and authorization and authentication issues. These map to the OWASP API Security Top 10 risks. API-centric architectures expand the attack surface. To address this, security needs to be considered at design time through the API contract, which defines data constraints, authorization policies, logging, and rate limiting. Following best practices like this helps avoid vulnerabilities that are costly to fix later.
API strategy ensures that the entire IT organization and its resources are aligned with the strategic goals. In this webinar, we gave a brief overview of the problems that digital businesses solve today by adopting an API strategy and how it differs from organization to organization.
apidays LIVE Paris 2021 - Beyond API Governance: Run your API org like a lean...apidays
apidays LIVE Paris 2021 - APIs and the Future of Software
December 7, 8 & 9, 2021
Beyond API Governance: Run your API org like a lean startup
Eric Horesnyi, SVP, API Platform at Axway
apidays LIVE Paris 2021 - Synchronous Communication Patterns by Sébastien Ber...apidays
apidays LIVE Paris 2021 - APIs and the Future of Software
December 7, 8 & 9, 2021
Synchronous Communication Patterns: A journey from ESB to APIs & Service Mesh
Sébastien Bergougnoux, CEO at Devoteam I nexDigital
apidays LIVE Paris 2021 - The Real World, API Security Edition by Michael Isb...apidays
apidays LIVE Paris 2021 - APIs and the Future of Software
December 7, 8 & 9, 2021
The Real World, API Security Edition: When best practices stop being polite and start being real
Michael Isbitski, Technical Evangelist at Salt Security
apidays LIVE Paris 2021 - Taming the beast by Markus Mueller, Apiidaapidays
apidays LIVE Paris 2021 - APIs and the Future of Software
December 7, 8 & 9, 2021
Taming the beast - How to manage multiple API platforms at once
Markus Mueller, CTO at Apiida
What is developer experience? And how can it affect the success of your product? Our very own Keshav Vasudevan will take you through everything you need to know.
apidays LIVE Paris 2021 - API Attack Simulator - Find your API vulnerabilitie...apidays
apidays LIVE Paris 2021 - APIs and the Future of Software
December 7, 8 & 9, 2021
API Attack Simulator - Find your API vulnerabilities first
Sella Rafaeli, Full-Stack Web Developer at WIB
apidays LIVE Paris 2021 - Low-Code API DevOps approach to API Lifecycle Manag...apidays
apidays LIVE Paris 2021 - APIs and the Future of Software
December 7, 8 & 9, 2021
Low-Code API DevOps approach to API Lifecycle Management
Darshan Shivashankar, Founder & CTO at Itorix Inc &
Rakshith Rao, CEO at Itorix Inc
API strategy ensures that the entire IT organization and its resources are aligned with the strategic goals. In this webinar, we gave a brief overview of the problems that digital businesses solve today by adopting an API strategy and how it differs from organization to organization.
apidays LIVE Paris 2021 - Beyond API Governance: Run your API org like a lean...apidays
apidays LIVE Paris 2021 - APIs and the Future of Software
December 7, 8 & 9, 2021
Beyond API Governance: Run your API org like a lean startup
Eric Horesnyi, SVP, API Platform at Axway
apidays LIVE Paris 2021 - Synchronous Communication Patterns by Sébastien Ber...apidays
apidays LIVE Paris 2021 - APIs and the Future of Software
December 7, 8 & 9, 2021
Synchronous Communication Patterns: A journey from ESB to APIs & Service Mesh
Sébastien Bergougnoux, CEO at Devoteam I nexDigital
apidays LIVE Paris 2021 - The Real World, API Security Edition by Michael Isb...apidays
apidays LIVE Paris 2021 - APIs and the Future of Software
December 7, 8 & 9, 2021
The Real World, API Security Edition: When best practices stop being polite and start being real
Michael Isbitski, Technical Evangelist at Salt Security
apidays LIVE Paris 2021 - Taming the beast by Markus Mueller, Apiidaapidays
apidays LIVE Paris 2021 - APIs and the Future of Software
December 7, 8 & 9, 2021
Taming the beast - How to manage multiple API platforms at once
Markus Mueller, CTO at Apiida
What is developer experience? And how can it affect the success of your product? Our very own Keshav Vasudevan will take you through everything you need to know.
apidays LIVE Paris 2021 - API Attack Simulator - Find your API vulnerabilitie...apidays
apidays LIVE Paris 2021 - APIs and the Future of Software
December 7, 8 & 9, 2021
API Attack Simulator - Find your API vulnerabilities first
Sella Rafaeli, Full-Stack Web Developer at WIB
apidays LIVE Paris 2021 - Low-Code API DevOps approach to API Lifecycle Manag...apidays
apidays LIVE Paris 2021 - APIs and the Future of Software
December 7, 8 & 9, 2021
Low-Code API DevOps approach to API Lifecycle Management
Darshan Shivashankar, Founder & CTO at Itorix Inc &
Rakshith Rao, CEO at Itorix Inc
Designed a framework for “API Strategy in the cloud” which explains challenges of API,
current trending API management platforms and the role of API management in delivering successful API programs. The report provides the strategy for building API which mainly focuses on the API maturity models, business values, business strategy: Alignment and Usefulness, engagement and usability, scalability and evolvability, manageability and security of APIs.
apidays LIVE New York 2021 - API Security & AI by Deb Roy, Accentureapidays
apidays LIVE New York 2021 - API-driven Regulations for Finance, Insurance, and Healthcare
July 28 & 29, 2021
API Security & AI
Deb Roy, Senior Manager API Practice at Accenture
apidays LIVE Hong Kong 2021 - Event-driven APIs & Schema governance for Apach...apidays
apidays LIVE Hong Kong 2021 - API Ecosystem & Data Interchange
August 25 & 26, 2021
Event-driven APIs & Schema governance for Apache Kafka
Hugo Guerrero, APIs & Messaging Developer Advocate at Red Hat
------
Check out our conferences at https://www.apidays.global/
Do you want to sponsor or talk at one of our conferences?
https://apidays.typeform.com/to/ILJeAaV8
Learn more on APIscene, the global media made by the community for the community:
https://www.apiscene.io
Explore the API ecosystem with the API Landscape:
https://apilandscape.apiscene.io/
INTERFACE, by apidays - Aligning teams and strategies behind API investment ...apidays
INTERFACE, by apidays 2021 - It’s APIs all the way down
June 30, July 1 & 2, 2021
Aligning teams and strategies behind API investment
Claire Barrett, Strategy Translator at APIsFirst, and Women In APIs Lead
apidays LIVE Paris - Potential of API integrations, common traps and advices ...apidays
apidays LIVE Paris - Responding to the New Normal with APIs for Business, People and Society
December 8, 9 & 10, 2020
Potential of API integrations, common traps and advices
Mathieu Rasse, CEO at Meta API
API Management - Practical Enterprise Implementation ExperienceCapgemini
Narinder Sahota Chief Architect - Capgemini
David Rutter Solutions Architect - Capgemini
APIs are something we take for granted as a key part of modern architecture. This session will talk through the practical experiences of implementing a new cloud-based API Management capability within a mature Enterprise with a complex and business critical integration estate. The session will cover what we learnt about the maturity and evolution of the API Management service implemented during the project, the team model that enabled success, the business benefits achieved, and how the platform is now evolving.
apidays LIVE Paris 2021 - API design is where culture and tech meet each othe...apidays
apidays LIVE Paris 2021 - APIs and the Future of Software
December 7, 8 & 9, 2021
API design is where culture and tech meet each other
Aleksei Akimov, Head of API at Adyen
apidays LIVE Paris 2021 - API data sharing legal practices for public sector ...apidays
apidays LIVE Paris 2021 - APIs and the Future of Software
December 7, 8 & 9, 2021
API data sharing legal practices for public sector: The case of the National licensing initiative
Hanna Niemi-Hugaerts, Executive Director at TIEKE, Finnish Information Society Development Centre
apidays LIVE Paris - Principles for API security by Alan Glickenhouseapidays
apidays LIVE Paris - Responding to the New Normal with APIs for Business, People and Society
December 8, 9 & 10, 2020
Principles for API security
Alan Glickenhouse, Digital Transformation and API Business Strategist at IBM
apidays LIVE Paris 2021 - 5 Learnings Shaping Our View on the Future of APIs ...apidays
apidays LIVE Paris 2021 - APIs and the Future of Software
December 7, 8 & 9, 2021
5 Learnings Shaping Our View on the Future of APIs
Frank Kilcommins, API Technical Evangelist at SmartBear
apidays LIVE Paris - Connectivity rules everything around us by Marco Palladinoapidays
apidays LIVE Paris - Responding to the New Normal with APIs for Business, People and Society
December 8, 9 & 10, 2020
Connectivity rules everything around us
Marco Palladino, CTO at Kong
apidays LIVE Paris - Succeeding with API Programs by Kiran Nadgirapidays
apidays LIVE Paris - Responding to the New Normal with APIs for Business, People and Society
December 8, 9 & 10, 2020
Succeeding with API Programs
Kiran Nadgir, Head of APIs and UX Platforms at Silicon Valley Bank
apidays LIVE New York 2021 - Playing with FHIR without getting burned by Dav...apidays
apidays LIVE New York 2021 - API-driven Regulations for Finance, Insurance, and Healthcare
July 28 & 29, 2021
Playing with FHIR without getting burned
David Stewart, CEO at Approov
INTERFACE, by apidays - A cloud-native approach for open banking in action b...apidays
INTERFACE, by apidays 2021 - It’s APIs all the way down
June 30, July 1 & 2, 2021
A cloud-native approach for open banking in action
Rafael Marins, Principal Product Marketing Manager at Red Hat
WATCH WEBINAR: https://youtu.be/LLVOouA4pbs
Over the past 6 months, we have discovered many similarities across APIs from companies from very different industries. "This is an eye opener" is the most recurring comment from our prospects. We thought it would be worth sharing our findings in this webinar.
Through a mix of slides and demos, we will describe the top 5 issues our security audit reports, what they are and why they matter, including:
- Potentials attacks linked to each issue
- How they can be remediated
- Example request/response and reports
Designed a framework for “API Strategy in the cloud” which explains challenges of API,
current trending API management platforms and the role of API management in delivering successful API programs. The report provides the strategy for building API which mainly focuses on the API maturity models, business values, business strategy: Alignment and Usefulness, engagement and usability, scalability and evolvability, manageability and security of APIs.
apidays LIVE New York 2021 - API Security & AI by Deb Roy, Accentureapidays
apidays LIVE New York 2021 - API-driven Regulations for Finance, Insurance, and Healthcare
July 28 & 29, 2021
API Security & AI
Deb Roy, Senior Manager API Practice at Accenture
apidays LIVE Hong Kong 2021 - Event-driven APIs & Schema governance for Apach...apidays
apidays LIVE Hong Kong 2021 - API Ecosystem & Data Interchange
August 25 & 26, 2021
Event-driven APIs & Schema governance for Apache Kafka
Hugo Guerrero, APIs & Messaging Developer Advocate at Red Hat
------
Check out our conferences at https://www.apidays.global/
Do you want to sponsor or talk at one of our conferences?
https://apidays.typeform.com/to/ILJeAaV8
Learn more on APIscene, the global media made by the community for the community:
https://www.apiscene.io
Explore the API ecosystem with the API Landscape:
https://apilandscape.apiscene.io/
INTERFACE, by apidays - Aligning teams and strategies behind API investment ...apidays
INTERFACE, by apidays 2021 - It’s APIs all the way down
June 30, July 1 & 2, 2021
Aligning teams and strategies behind API investment
Claire Barrett, Strategy Translator at APIsFirst, and Women In APIs Lead
apidays LIVE Paris - Potential of API integrations, common traps and advices ...apidays
apidays LIVE Paris - Responding to the New Normal with APIs for Business, People and Society
December 8, 9 & 10, 2020
Potential of API integrations, common traps and advices
Mathieu Rasse, CEO at Meta API
API Management - Practical Enterprise Implementation ExperienceCapgemini
Narinder Sahota Chief Architect - Capgemini
David Rutter Solutions Architect - Capgemini
APIs are something we take for granted as a key part of modern architecture. This session will talk through the practical experiences of implementing a new cloud-based API Management capability within a mature Enterprise with a complex and business critical integration estate. The session will cover what we learnt about the maturity and evolution of the API Management service implemented during the project, the team model that enabled success, the business benefits achieved, and how the platform is now evolving.
apidays LIVE Paris 2021 - API design is where culture and tech meet each othe...apidays
apidays LIVE Paris 2021 - APIs and the Future of Software
December 7, 8 & 9, 2021
API design is where culture and tech meet each other
Aleksei Akimov, Head of API at Adyen
apidays LIVE Paris 2021 - API data sharing legal practices for public sector ...apidays
apidays LIVE Paris 2021 - APIs and the Future of Software
December 7, 8 & 9, 2021
API data sharing legal practices for public sector: The case of the National licensing initiative
Hanna Niemi-Hugaerts, Executive Director at TIEKE, Finnish Information Society Development Centre
apidays LIVE Paris - Principles for API security by Alan Glickenhouseapidays
apidays LIVE Paris - Responding to the New Normal with APIs for Business, People and Society
December 8, 9 & 10, 2020
Principles for API security
Alan Glickenhouse, Digital Transformation and API Business Strategist at IBM
apidays LIVE Paris 2021 - 5 Learnings Shaping Our View on the Future of APIs ...apidays
apidays LIVE Paris 2021 - APIs and the Future of Software
December 7, 8 & 9, 2021
5 Learnings Shaping Our View on the Future of APIs
Frank Kilcommins, API Technical Evangelist at SmartBear
apidays LIVE Paris - Connectivity rules everything around us by Marco Palladinoapidays
apidays LIVE Paris - Responding to the New Normal with APIs for Business, People and Society
December 8, 9 & 10, 2020
Connectivity rules everything around us
Marco Palladino, CTO at Kong
apidays LIVE Paris - Succeeding with API Programs by Kiran Nadgirapidays
apidays LIVE Paris - Responding to the New Normal with APIs for Business, People and Society
December 8, 9 & 10, 2020
Succeeding with API Programs
Kiran Nadgir, Head of APIs and UX Platforms at Silicon Valley Bank
apidays LIVE New York 2021 - Playing with FHIR without getting burned by Dav...apidays
apidays LIVE New York 2021 - API-driven Regulations for Finance, Insurance, and Healthcare
July 28 & 29, 2021
Playing with FHIR without getting burned
David Stewart, CEO at Approov
INTERFACE, by apidays - A cloud-native approach for open banking in action b...apidays
INTERFACE, by apidays 2021 - It’s APIs all the way down
June 30, July 1 & 2, 2021
A cloud-native approach for open banking in action
Rafael Marins, Principal Product Marketing Manager at Red Hat
WATCH WEBINAR: https://youtu.be/LLVOouA4pbs
Over the past 6 months, we have discovered many similarities across APIs from companies from very different industries. "This is an eye opener" is the most recurring comment from our prospects. We thought it would be worth sharing our findings in this webinar.
Through a mix of slides and demos, we will describe the top 5 issues our security audit reports, what they are and why they matter, including:
- Potentials attacks linked to each issue
- How they can be remediated
- Example request/response and reports
The Dev, Sec and Ops of API Security - API World42Crunch
The enterprise use of APIs is growing exponentially. Companies face a difficult choice. They must shift towards a software-based, digital approach to service and product delivery – or get left behind. Agile development, business pressure and the complexity of API security have made security teams life very complicated. And to make matters more complicated, the adoption of microservices architectures has multiplied the number of API endpoints that you have to protect.
Downside: The more APIs, the higher the security risk!
API security flaws are injected at many different levels of the API lifecycle: in requirements, development, deployment and monitoring. It is proven that detecting and fixing vulnerabilities during production or post-release time is up to 30 times more difficult than earlier in the API lifecycle. Security should be easy to considered at requirements phase, applied during development by attaching pre-defined policies to APIs and ensuring that security tests are performed as part of the continuous delivery of the APIs.
Upside: We’ll prep you with all the knowledge and tools you need to implement an automated, end-to-end API Security process that will get your dev, sec and ops teams speaking the same language.
In this presentation you will learn:
Security risks at each stage of the API lifecycle, and how to mitigate them.
How to implement an end-to-end automated API security model that development, security and operations teams will love.
How to think positive! Why a positive security model works.
What Every Developer And Tester Should Know About Software SecurityAnne Oikarinen
Software security is best built in. This presentation introduces three essential things to help you design more secure software. In order to have a secure foundation, you can create and select security requirements for your applications using evil user stories and utilizing existing material for example from OWASP.
Another useful skill is threat modeling which helps you to assess security already in the design phase. Threat modeling helps you deliver better software, prioritize your preventive security measures, and focus penetration testing to the most risky parts of the system. The presentation covers various methods, such as the STRIDE model, for finding security and privacy threats.
You will also learn what kind of security related testing you can do without having any infosec background.
What happens when a security researcher finds a hole in your code? Do have a clear policy to submit this kind of findings? Most not. Responsible Disclosure is something every company should manage, and Bug Bounties Programs help to improve the security as well as be in contact with the hacker community. During the talk we will see how a Responsible Disclosure Program or a BugBounty Program works, and how the company should focus and not forget about other mitigations and counter mesures related to security
Apidays Helsinki 2024 - Security Vulnerabilities in your APIs by Lukáš Ďurovs...apidays
Security Vulnerabilities in your APIs
Lukáš Ďurovský, Staff Software Engineer at Thermo Fisher Scientific
Apidays Helsinki & North 2024 - Connecting Physical and Digital: Sustainable APIs for the Era of AI, Super and Quantum Computing (May 28 and 29, 2024)
------
Check out our conferences at https://www.apidays.global/
Do you want to sponsor or talk at one of our conferences?
https://apidays.typeform.com/to/ILJeAaV8
Learn more on APIscene, the global media made by the community for the community:
https://www.apiscene.io
Explore the API ecosystem with the API Landscape:
https://apilandscape.apiscene.io/
The Dev, Sec and Ops of API Security - NordicAPIs42Crunch
The enterprise use of APIs is growing exponentially. Companies face a difficult choice. They must shift towards a software-based, digital approach to service and product delivery – or get left behind. Agile development, business pressure and the complexity of API security have made security teams life very complicated. And to make matters more complicated, the adoption of microservices architectures has multiplied the number of API endpoints that you have to protect.
Downside: The more APIs, the higher the security risk!
API security flaws are injected at many different levels of the API lifecycle: in requirements, development, deployment and monitoring. It is proven that detecting and fixing vulnerabilities during production or post-release time is up to 30 times more difficult than earlier in the API lifecycle. Security should be easy to considered at requirements phase, applied during development by attaching pre-defined policies to APIs and ensuring that security tests are performed as part of the continuous delivery of the APIs.
Upside: We’ll prep you with all the knowledge and tools you need to implement an automated, end-to-end API Security process that will get your dev, sec and ops teams speaking the same language.
In this presentation you will learn:
Security risks at each stage of the API lifecycle, and how to mitigate them.
How to implement an end-to-end automated API security model that development, security and operations teams will love.
How to think positive! Why a positive security model works.
Still in the mindset that retrofitting legacy and expensive approaches like a #SIEM will solve software supply chain security problems?
What about treating SBOMs as a compliance checkbox rather than translating them into REAL security?
#PIRATE is an acronym that aligns threat modeling with strategic business objectives. It helps align your organization for you to lead "Project to Product Transformation." It enables you to remove manual compliance work from your developers by operationalizing the value of SBOMs into security actions.
PIRATE stands for Product Integrated Risk Analytics & Threat Evaluation.
Understand how the PIRATE methodology will improve the security of your ever-changing attack surface. Learn how to overcome the critical challenges of enforcing security controls with context. See how context enables accountable risk remediation in the flow of everyday work — and more....
Check the YouTube: https://www.youtube.com/watch?v=DjZSAyWuy8w&feature=youtu.be
Programming languages and techniques for today’s embedded andIoT worldRogue Wave Software
This presentation looks at the problem of selecting the best programming language and tools to ensure IoT software is secure, robust, and safe. By taking a look at industry best practices and decades of knowledge from other industries (such as automotive and aerospace), you will learn the criteria necessary to choose the right language, how to overcome gaps in developers’ skills, and techniques to ensure your team delivers bulletproof IoT applications.
Fragments-Plug the vulnerabilities in your AppAppsecco
Appsecco presented on the common mistakes that developers make when building mobile apps.
This session covered how these mistakes make your app vulnerable to attack and abuse? How an attacker perceives security of mobile app?
https://youtu.be/EzC86gWVPZk
apidays LIVE LONDON - Protecting financial-grade APIs - Getting the right API...apidays
apidays LIVE LONDON - The Road to Embedded Finance, Banking and Insurance with APIs
Protecting financial-grade APIs - Getting the right API Security stack!
Isabelle Mauny, CTO at 42Crunch
APIs are a key part of modern web applications and a growing security challenge that isn’t well understood by developers and application security managers, leading to exposed APIs that give hackers access to sensitive data. Find out how to secure your APIs and prevent vulnerabilities from making it into production.
APIsecure - April 6 & 7, 2022
APIsecure is the world’s first conference dedicated to API threat management; bringing together breakers, defenders, and solutions in API security.
The Real World, API Security Edition: When best practices stop being polite and start being real
Sean Boulter, Principal Security Engineer at Salt Security
Similar to apidays LIVE Paris 2021 - Addressing OWASP API Security Top 10 by Isabelle Mauny, 42Crunch (20)
Apidays Helsinki 2024 - APIs ahoy, the case of Customer Booking APIs in Finn...apidays
Keynote 1: APIs ahoy, the case of Customer Booking APIs in Finnlines and Grimaldi Lines, ShortSea
Vesa Vähämaa, Head of Group IT, Software at Finnlines Plc
Apidays Helsinki & North 2024 - Connecting Physical and Digital: Sustainable APIs for the Era of AI, Super and Quantum Computing (May 28 and 29, 2024)
------
Check out our conferences at https://www.apidays.global/
Do you want to sponsor or talk at one of our conferences?
https://apidays.typeform.com/to/ILJeAaV8
Learn more on APIscene, the global media made by the community for the community:
https://www.apiscene.io
Explore the API ecosystem with the API Landscape:
https://apilandscape.apiscene.io/
Apidays Helsinki 2024 - From Chaos to Calm- Navigating Emerging API Security...apidays
From Chaos to Calm: Navigating Emerging API Security Challenges
Eli Arkush, Principal Solutions Engineer, API Security at Akamai
Apidays Helsinki & North 2024 - Connecting Physical and Digital: Sustainable APIs for the Era of AI, Super and Quantum Computing (May 28 and 29, 2024)
------
Check out our conferences at https://www.apidays.global/
Do you want to sponsor or talk at one of our conferences?
https://apidays.typeform.com/to/ILJeAaV8
Learn more on APIscene, the global media made by the community for the community:
https://www.apiscene.io
Explore the API ecosystem with the API Landscape:
https://apilandscape.apiscene.io/
Apidays Helsinki 2024 - What is next now that your organization created a (si...apidays
What is next now that your organization created a (significant) set of APIs?
Rogier van Boxtel, Director, Pre Sales Consulting - Axway
Apidays Helsinki & North 2024 - Connecting Physical and Digital: Sustainable APIs for the Era of AI, Super and Quantum Computing (May 28 and 29, 2024)
------
Check out our conferences at https://www.apidays.global/
Do you want to sponsor or talk at one of our conferences?
https://apidays.typeform.com/to/ILJeAaV8
Learn more on APIscene, the global media made by the community for the community:
https://www.apiscene.io
Explore the API ecosystem with the API Landscape:
https://apilandscape.apiscene.io/
Apidays Helsinki 2024 - There’s no AI without API, but what does this mean fo...apidays
There’s no AI without API, but what does this mean for Security?
Timo Rüppell, VP of Product - FireTail.io
Apidays Helsinki & North 2024 - Connecting Physical and Digital: Sustainable APIs for the Era of AI, Super and Quantum Computing (May 28 and 29, 2024)
------
Check out our conferences at https://www.apidays.global/
Do you want to sponsor or talk at one of our conferences?
https://apidays.typeform.com/to/ILJeAaV8
Learn more on APIscene, the global media made by the community for the community:
https://www.apiscene.io
Explore the API ecosystem with the API Landscape:
https://apilandscape.apiscene.io/
Apidays Helsinki 2024 - Sustainable IT and API Performance - How to Bring The...apidays
Sustainable IT and API Performance - How to Bring Them Together
Merja Kajava, Founder - Aavista Oy
Apidays Helsinki & North 2024 - Connecting Physical and Digital: Sustainable APIs for the Era of AI, Super and Quantum Computing (May 28 and 29, 2024)
------
Check out our conferences at https://www.apidays.global/
Do you want to sponsor or talk at one of our conferences?
https://apidays.typeform.com/to/ILJeAaV8
Learn more on APIscene, the global media made by the community for the community:
https://www.apiscene.io
Explore the API ecosystem with the API Landscape:
https://apilandscape.apiscene.io/
Apidays Helsinki 2024 - Data, API’s and Banks, with AI on top by Sergio Giral...apidays
Data, API’s and Banks, with AI on top
Sergio Giraldo, IT Lead - ING
Apidays Helsinki & North 2024 - Connecting Physical and Digital: Sustainable APIs for the Era of AI, Super and Quantum Computing (May 28 and 29, 2024)
------
Check out our conferences at https://www.apidays.global/
Do you want to sponsor or talk at one of our conferences?
https://apidays.typeform.com/to/ILJeAaV8
Learn more on APIscene, the global media made by the community for the community:
https://www.apiscene.io
Explore the API ecosystem with the API Landscape:
https://apilandscape.apiscene.io/
Apidays Helsinki 2024 - Data Ecosystems Driving the Green Transition by Olli ...apidays
Data Ecosystems Driving the Green Transition
Olli Kilpeläinen, VP - Data Platform & Ecosystem at Betolar
Apidays Helsinki & North 2024 - Connecting Physical and Digital: Sustainable APIs for the Era of AI, Super and Quantum Computing (May 28 and 29, 2024)
------
Check out our conferences at https://www.apidays.global/
Do you want to sponsor or talk at one of our conferences?
https://apidays.typeform.com/to/ILJeAaV8
Learn more on APIscene, the global media made by the community for the community:
https://www.apiscene.io
Explore the API ecosystem with the API Landscape:
https://apilandscape.apiscene.io/
Apidays Helsinki 2024 - Bridging the Gap Between Backend and Frontend API Tes...apidays
Bridging the Gap Between Backend and Frontend API Testing with K6
Ayush Goyal, Senior Software Engineer - Grafana Labs
Apidays Helsinki & North 2024 - Connecting Physical and Digital: Sustainable APIs for the Era of AI, Super and Quantum Computing (May 28 and 29, 2024)
------
Check out our conferences at https://www.apidays.global/
Do you want to sponsor or talk at one of our conferences?
https://apidays.typeform.com/to/ILJeAaV8
Learn more on APIscene, the global media made by the community for the community:
https://www.apiscene.io
Explore the API ecosystem with the API Landscape:
https://apilandscape.apiscene.io/
Apidays Helsinki 2024 - API Compliance by Design by Marjukka Niinioja, Osaangoapidays
API Compliance by Design
Marjukka Niinioja, APItalista & Founding Partner - Osaango
Apidays Helsinki & North 2024 - Connecting Physical and Digital: Sustainable APIs for the Era of AI, Super and Quantum Computing (May 28 and 29, 2024)
------
Check out our conferences at https://www.apidays.global/
Do you want to sponsor or talk at one of our conferences?
https://apidays.typeform.com/to/ILJeAaV8
Learn more on APIscene, the global media made by the community for the community:
https://www.apiscene.io
Explore the API ecosystem with the API Landscape:
https://apilandscape.apiscene.io/
Apidays Helsinki 2024 - ABLOY goes API economy – Transformation story by Hann...apidays
ABLOY goes API economy – Transformation story
Hanna Sillanpää Head of Digital Solutions PU - Abloy
Apidays Helsinki & North 2024 - Connecting Physical and Digital: Sustainable APIs for the Era of AI, Super and Quantum Computing (May 28 and 29, 2024)
------
Check out our conferences at https://www.apidays.global/
Do you want to sponsor or talk at one of our conferences?
https://apidays.typeform.com/to/ILJeAaV8
Learn more on APIscene, the global media made by the community for the community:
https://www.apiscene.io
Explore the API ecosystem with the API Landscape:
https://apilandscape.apiscene.io/
Apidays New York 2024 - The subtle art of API rate limiting by Josh Twist, Zuploapidays
The subtle art of API rate limiting
Josh Twist, Co-founder & CEO at Zuplo
Apidays New York 2024: The API Economy in the AI Era (April 30 & May 1, 2024)
------
Check out our conferences at https://www.apidays.global/
Do you want to sponsor or talk at one of our conferences?
https://apidays.typeform.com/to/ILJeAaV8
Learn more on APIscene, the global media made by the community for the community:
https://www.apiscene.io
Explore the API ecosystem with the API Landscape:
https://apilandscape.apiscene.io/
Apidays New York 2024 - RESTful API Patterns and Practices by Mike Amundsen, ...apidays
ESTful API Patterns and Practices
Mike Amundsen, Author of "Design and Build Great APIs", API Strategist & Advisor at amundsen.com, Inc.
Apidays New York 2024: The API Economy in the AI Era (April 30 & May 1, 2024)
------
Check out our conferences at https://www.apidays.global/
Do you want to sponsor or talk at one of our conferences?
https://apidays.typeform.com/to/ILJeAaV8
Learn more on APIscene, the global media made by the community for the community:
https://www.apiscene.io
Explore the API ecosystem with the API Landscape:
https://apilandscape.apiscene.io/
Apidays New York 2024 - Putting AI into API Security by Corey Ball, Moss Adamsapidays
Putting AI into API Security
Corey Ball, Author and Sr. Manager Pentest at Moss Adams
Apidays New York 2024: The API Economy in the AI Era (April 30 & May 1, 2024)
------
Check out our conferences at https://www.apidays.global/
Do you want to sponsor or talk at one of our conferences?
https://apidays.typeform.com/to/ILJeAaV8
Learn more on APIscene, the global media made by the community for the community:
https://www.apiscene.io
Explore the API ecosystem with the API Landscape:
https://apilandscape.apiscene.io/
Apidays New York 2024 - Prototype-first - A modern API development workflow b...apidays
Prototype-first - A modern API development workflow
Tom Akehurst, CTO and Co-Founder at WireMock
Apidays New York 2024: The API Economy in the AI Era (April 30 & May 1, 2024)
------
Check out our conferences at https://www.apidays.global/
Do you want to sponsor or talk at one of our conferences?
https://apidays.typeform.com/to/ILJeAaV8
Learn more on APIscene, the global media made by the community for the community:
https://www.apiscene.io
Explore the API ecosystem with the API Landscape:
https://apilandscape.apiscene.io/
Apidays New York 2024 - Post-Quantum API Security by Francois Lascelles, Broa...apidays
Post-Quantum API Security: Preparing your APIs for Q-day
Francois Lascelles, Distinguished Engineer at Broadcom and CTO at Layer7
Apidays New York 2024: The API Economy in the AI Era (April 30 & May 1, 2024)
------
Check out our conferences at https://www.apidays.global/
Do you want to sponsor or talk at one of our conferences?
https://apidays.typeform.com/to/ILJeAaV8
Learn more on APIscene, the global media made by the community for the community:
https://www.apiscene.io
Explore the API ecosystem with the API Landscape:
https://apilandscape.apiscene.io/
Apidays New York 2024 - Increase your productivity with no-code GraphQL mocki...apidays
Increase your productivity with no-code GraphQL mocking
Hugo Guerrero, Chief Software Architect, APIs & Integration Developer Advocate at Red Hat
Apidays New York 2024: The API Economy in the AI Era (April 30 & May 1, 2024)
------
Check out our conferences at https://www.apidays.global/
Do you want to sponsor or talk at one of our conferences?
https://apidays.typeform.com/to/ILJeAaV8
Learn more on APIscene, the global media made by the community for the community:
https://www.apiscene.io
Explore the API ecosystem with the API Landscape:
https://apilandscape.apiscene.io/
Apidays New York 2024 - Driving API & EDA Success by Marcelo Caponi, Danoneapidays
Driving API & EDA Success: Comparing CoE & C4E Models for Organizational Enablement
Marcelo Caponi, Global Product Manager - API & Integration at Danone
Apidays New York 2024: The API Economy in the AI Era (April 30 & May 1, 2024)
------
Check out our conferences at https://www.apidays.global/
Do you want to sponsor or talk at one of our conferences?
https://apidays.typeform.com/to/ILJeAaV8
Learn more on APIscene, the global media made by the community for the community:
https://www.apiscene.io
Explore the API ecosystem with the API Landscape:
https://apilandscape.apiscene.io/
Apidays New York 2024 - Build a terrible API for people you hate by Jim Benne...apidays
Build a terrible API for people you hate
Jim Bennett, Principal Developer Advocate at liblab
Apidays New York 2024: The API Economy in the AI Era (April 30 & May 1, 2024)
------
Check out our conferences at https://www.apidays.global/
Do you want to sponsor or talk at one of our conferences?
https://apidays.typeform.com/to/ILJeAaV8
Learn more on APIscene, the global media made by the community for the community:
https://www.apiscene.io
Explore the API ecosystem with the API Landscape:
https://apilandscape.apiscene.io/
Apidays New York 2024 - API Secret Tokens Exposed by Tristan Kalos and Antoin...apidays
API Secret Tokens Exposed: Insights from Analyzing 1 Million Domains
Tristan Kalos, Co-founder and CEO at Escape
Antoine Carossio, Co-Founder & CTO at Escape
Apidays New York 2024: The API Economy in the AI Era (April 30 & May 1, 2024)
------
Check out our conferences at https://www.apidays.global/
Do you want to sponsor or talk at one of our conferences?
https://apidays.typeform.com/to/ILJeAaV8
Learn more on APIscene, the global media made by the community for the community:
https://www.apiscene.io
Explore the API ecosystem with the API Landscape:
https://apilandscape.apiscene.io/
Apidays New York 2024 - Scaling API-first by Ian Reasor and Radu Cotescu, Adobeapidays
Scaling API-first – The story of a global engineering organization
Ian Reasor, Senior Computer Scientist - Adobe
Radu Cotescu, Senior Computer Scientist - Adobe
Apidays New York 2024: The API Economy in the AI Era (April 30 & May 1, 2024)
------
Check out our conferences at https://www.apidays.global/
Do you want to sponsor or talk at one of our conferences?
https://apidays.typeform.com/to/ILJeAaV8
Learn more on APIscene, the global media made by the community for the community:
https://www.apiscene.io
Explore the API ecosystem with the API Landscape:
https://apilandscape.apiscene.io/
UiPath Test Automation using UiPath Test Suite series, part 4DianaGray10
Welcome to UiPath Test Automation using UiPath Test Suite series part 4. In this session, we will cover Test Manager overview along with SAP heatmap.
The UiPath Test Manager overview with SAP heatmap webinar offers a concise yet comprehensive exploration of the role of a Test Manager within SAP environments, coupled with the utilization of heatmaps for effective testing strategies.
Participants will gain insights into the responsibilities, challenges, and best practices associated with test management in SAP projects. Additionally, the webinar delves into the significance of heatmaps as a visual aid for identifying testing priorities, areas of risk, and resource allocation within SAP landscapes. Through this session, attendees can expect to enhance their understanding of test management principles while learning practical approaches to optimize testing processes in SAP environments using heatmap visualization techniques
What will you get from this session?
1. Insights into SAP testing best practices
2. Heatmap utilization for testing
3. Optimization of testing processes
4. Demo
Topics covered:
Execution from the test manager
Orchestrator execution result
Defect reporting
SAP heatmap example with demo
Speaker:
Deepak Rai, Automation Practice Lead, Boundaryless Group and UiPath MVP
Elevating Tactical DDD Patterns Through Object CalisthenicsDorra BARTAGUIZ
After immersing yourself in the blue book and its red counterpart, attending DDD-focused conferences, and applying tactical patterns, you're left with a crucial question: How do I ensure my design is effective? Tactical patterns within Domain-Driven Design (DDD) serve as guiding principles for creating clear and manageable domain models. However, achieving success with these patterns requires additional guidance. Interestingly, we've observed that a set of constraints initially designed for training purposes remarkably aligns with effective pattern implementation, offering a more ‘mechanical’ approach. Let's explore together how Object Calisthenics can elevate the design of your tactical DDD patterns, offering concrete help for those venturing into DDD for the first time!
JMeter webinar - integration with InfluxDB and GrafanaRTTS
Watch this recorded webinar about real-time monitoring of application performance. See how to integrate Apache JMeter, the open-source leader in performance testing, with InfluxDB, the open-source time-series database, and Grafana, the open-source analytics and visualization application.
In this webinar, we will review the benefits of leveraging InfluxDB and Grafana when executing load tests and demonstrate how these tools are used to visualize performance metrics.
Length: 30 minutes
Session Overview
-------------------------------------------
During this webinar, we will cover the following topics while demonstrating the integrations of JMeter, InfluxDB and Grafana:
- What out-of-the-box solutions are available for real-time monitoring JMeter tests?
- What are the benefits of integrating InfluxDB and Grafana into the load testing stack?
- Which features are provided by Grafana?
- Demonstration of InfluxDB and Grafana using a practice web application
To view the webinar recording, go to:
https://www.rttsweb.com/jmeter-integration-webinar
Slack (or Teams) Automation for Bonterra Impact Management (fka Social Soluti...Jeffrey Haguewood
Sidekick Solutions uses Bonterra Impact Management (fka Social Solutions Apricot) and automation solutions to integrate data for business workflows.
We believe integration and automation are essential to user experience and the promise of efficient work through technology. Automation is the critical ingredient to realizing that full vision. We develop integration products and services for Bonterra Case Management software to support the deployment of automations for a variety of use cases.
This video focuses on the notifications, alerts, and approval requests using Slack for Bonterra Impact Management. The solutions covered in this webinar can also be deployed for Microsoft Teams.
Interested in deploying notification automations for Bonterra Impact Management? Contact us at sales@sidekicksolutionsllc.com to discuss next steps.
The Art of the Pitch: WordPress Relationships and SalesLaura Byrne
Clients don’t know what they don’t know. What web solutions are right for them? How does WordPress come into the picture? How do you make sure you understand scope and timeline? What do you do if sometime changes?
All these questions and more will be explored as we talk about matching clients’ needs with what your agency offers without pulling teeth or pulling your hair out. Practical tips, and strategies for successful relationship building that leads to closing the deal.
Connector Corner: Automate dynamic content and events by pushing a buttonDianaGray10
Here is something new! In our next Connector Corner webinar, we will demonstrate how you can use a single workflow to:
Create a campaign using Mailchimp with merge tags/fields
Send an interactive Slack channel message (using buttons)
Have the message received by managers and peers along with a test email for review
But there’s more:
In a second workflow supporting the same use case, you’ll see:
Your campaign sent to target colleagues for approval
If the “Approve” button is clicked, a Jira/Zendesk ticket is created for the marketing design team
But—if the “Reject” button is pushed, colleagues will be alerted via Slack message
Join us to learn more about this new, human-in-the-loop capability, brought to you by Integration Service connectors.
And...
Speakers:
Akshay Agnihotri, Product Manager
Charlie Greenberg, Host
Epistemic Interaction - tuning interfaces to provide information for AI supportAlan Dix
Paper presented at SYNERGY workshop at AVI 2024, Genoa, Italy. 3rd June 2024
https://alandix.com/academic/papers/synergy2024-epistemic/
As machine learning integrates deeper into human-computer interactions, the concept of epistemic interaction emerges, aiming to refine these interactions to enhance system adaptability. This approach encourages minor, intentional adjustments in user behaviour to enrich the data available for system learning. This paper introduces epistemic interaction within the context of human-system communication, illustrating how deliberate interaction design can improve system understanding and adaptation. Through concrete examples, we demonstrate the potential of epistemic interaction to significantly advance human-computer interaction by leveraging intuitive human communication strategies to inform system design and functionality, offering a novel pathway for enriching user-system engagements.
LF Energy Webinar: Electrical Grid Modelling and Simulation Through PowSyBl -...DanBrown980551
Do you want to learn how to model and simulate an electrical network from scratch in under an hour?
Then welcome to this PowSyBl workshop, hosted by Rte, the French Transmission System Operator (TSO)!
During the webinar, you will discover the PowSyBl ecosystem as well as handle and study an electrical network through an interactive Python notebook.
PowSyBl is an open source project hosted by LF Energy, which offers a comprehensive set of features for electrical grid modelling and simulation. Among other advanced features, PowSyBl provides:
- A fully editable and extendable library for grid component modelling;
- Visualization tools to display your network;
- Grid simulation tools, such as power flows, security analyses (with or without remedial actions) and sensitivity analyses;
The framework is mostly written in Java, with a Python binding so that Python developers can access PowSyBl functionalities as well.
What you will learn during the webinar:
- For beginners: discover PowSyBl's functionalities through a quick general presentation and the notebook, without needing any expert coding skills;
- For advanced developers: master the skills to efficiently apply PowSyBl functionalities to your real-world scenarios.
Software Delivery At the Speed of AI: Inflectra Invests In AI-Powered QualityInflectra
In this insightful webinar, Inflectra explores how artificial intelligence (AI) is transforming software development and testing. Discover how AI-powered tools are revolutionizing every stage of the software development lifecycle (SDLC), from design and prototyping to testing, deployment, and monitoring.
Learn about:
• The Future of Testing: How AI is shifting testing towards verification, analysis, and higher-level skills, while reducing repetitive tasks.
• Test Automation: How AI-powered test case generation, optimization, and self-healing tests are making testing more efficient and effective.
• Visual Testing: Explore the emerging capabilities of AI in visual testing and how it's set to revolutionize UI verification.
• Inflectra's AI Solutions: See demonstrations of Inflectra's cutting-edge AI tools like the ChatGPT plugin and Azure Open AI platform, designed to streamline your testing process.
Whether you're a developer, tester, or QA professional, this webinar will give you valuable insights into how AI is shaping the future of software delivery.
Smart TV Buyer Insights Survey 2024 by 91mobiles.pdf91mobiles
91mobiles recently conducted a Smart TV Buyer Insights Survey in which we asked over 3,000 respondents about the TV they own, aspects they look at on a new TV, and their TV buying preferences.
Smart TV Buyer Insights Survey 2024 by 91mobiles.pdf
apidays LIVE Paris 2021 - Addressing OWASP API Security Top 10 by Isabelle Mauny, 42Crunch
1. Addressing OWASP API
Security Top10 starts at
design time
Developer First Platform for API Security
Isabelle Mauny - Field CTO
isabelle@42crunch.com
2. API Breaches are on the rise!
• 350+ breaches reported on apisecurity.io since
Oct. 2018
• And those are just the public ones!
• Recurring Combination of:
• Lack of Input validation
• Lack of Rate Limiting
• Data/Exception leakage
• Authorization issues
• Authentication issues
https://www.datacenterknowledge.com/security/api-attacks-breaches-piling
3. OWASP Top 10 Mapping
• API1 : Broken Object Level Access Control
• API2 : Broken Authentication
• API3 : Excessive Data Exposure
• API4 : Lack of Resources & Rate Limiting
• API5 : Missing Function Level Access Control
• API6 : Mass Assignment
• API7 : Security Misconfiguration
• API8 : Injection
• API9 : Improper Assets Management
• API10 : Insufficient Logging & Monitoring
DOWNLOAD
Data Protection Auth / Authorization Governance/Operations
5. New York
JULY
Australia
SEPTEMBER
Singapore
APRIL
Helsinki & North
MARCH
Paris
DECEMBER
London
OCTOBER
Jakarta
FEBRUARY
Hong Kong
AUGUST
JUNE
India
MAY
Check out our API Conferences here
50+ events since 2012, 14 countries, 2,000+ speakers, 50,000+ attendees,
300k+ online community
Want to talk at one of our conferences?
Apply to speak here
6. API-centric architectures expand the attack surface
Source: https://apisecurity.io/encyclopedia/content/owasp/owasp-api-security-top-10.htm
12. Know your APIs!
• Security is not a one-size fit all !
• Define which APIs are the most sensitive, for example:
• You’re likely to be in the news if something bad happens
• Your reputation will be affected
• Where is data stored, how it is accessed and by who ?
• What are the potential threats and how do we address
them?
• STRIDE model
• Invented in 1999 by Microsoft, but still relevant
• About knowing the threats and how you mitigate them and
where
13. Approach
•Key to security is to build context at design time, enumerated in the API
contract
Devs
Cyber
Consumer
= = =
Establish an API Contract As The Single Source Of Truth
14. API Contract Design
Data (API3, API6 and API8)
• Build / define the context you need for
security decisions.
• Own your schemas - Inbound and
outbound
• Define data constraints, schema constraints
• Know your PII
• Granted, there are standard ones, but you may have
one called “contraseña” or “numéro_sécu” !
• Don’t forget about :
• Headers
• Error responses
• JWTs (yes, they carry data!)
15. Interface Design
Access Control (API 1, API 2, API 5)
‣ Reduce/Eliminate resources IDs exposure
‣ What is an ID ? Can it be enumerated ? Can we hide it ?
‣ Fine-grained authorization policies
‣ Define external authorization policies (not in the
code…)
‣ True solution to BOLA/IDOR issue
‣ Who has access to what and how
‣ Which operations are we exposing ?
‣ Which ones are critical and require special access ?
‣ Do we have admin-level operations ?
‣ Who can access them ? How ?
‣ Shall this be a separate API all together so that we get
finer control ?
17. Operating APIs
‣ Invest in a framework for observability /monitoring
‣ Logging cannot be an after thought
‣ Logging needs to be designed! Which data will you log ? Where will it go ?
‣ Design Rate Limiting
‣ Rate limiting is not one size fit all
‣ Design rate limiting, watch for authentication/authorization endpoints.
‣ Design/manage API lifecycle/versioning
‣ Know when to retire APIs
18. CALL TO ACTION!
Use API Top 10 as framework for design and testing
Start worrying about API Security at design time
✓ A vulnerability discovered at production time costs up to 30x more
to solve
Hack yourselves leveraging API contracts
✓ For each functional test, create 10 negative tests
✓ Hammer your APIs with bad data, bad tokens, bad users
Automate Security
✓ Inject Security into DevOps practices and don’t rely on manual
testing of APIs.
✓ Only solution to scale and have avoid human errors
https://www.helpnetsecurity.com/2020/05/20/devops-software-development-teams/
“I think security, in most cases, is not a single
person’s specialization. Security must be a practice
of every member of the team from the frontend
developer to the system administrator (also non
tech roles).”
From: Gitlab DevSecOps report - 2021
19. 18
Thank you!
THE DEVELOPER FIRST
API SECURITY PLATFORM
Continuous Protection for your Digital Business
➡ Subscribe to the apisecurity.io
weekly newsletter for regular
news on breaches, tools and best
practices.
20. New York
JULY
Australia
SEPTEMBER
Singapore
APRIL
Helsinki & North
MARCH
Paris
DECEMBER
London
OCTOBER
Jakarta
FEBRUARY
Hong Kong
AUGUST
JUNE
India
MAY
Check out our API Conferences here
50+ events since 2012, 14 countries, 2,000+ speakers, 50,000+ attendees,
300k+ online community
Want to talk at one of our conferences?
Apply to speak here