APIsecure 2023 - Breaking Vulnerable APIs, Tushar Kulkarni

•

0 likes•49 views

Tushar Kulkarni will present on breaking vulnerable APIs. The presentation will introduce vAPI, an open source project for learning about API security. It will discuss modern web application architectures that rely on APIs and how APIs can be attacked. It will also cover the OWASP API Security Top 10 vulnerabilities and how to fortify APIs. The presentation will include a demonstration of vulnerabilities in vAPI and updates to the project.

Internet

BREAKING
VULNERABLE APIS
Tushar Kulkarni

AGENDA
Introduction
Modern WebApp Architectures
API as an Attack Vector in 2023
Fortifying APIs
Breaking Vulnerable API (vAPI)
Demo
2023 Breaking Vulnerable APIs 2

GET /INTRODUCTION HTTP/2.0
• Creator of vAPI
• Graduate Student, Indiana University Bloomington
• Presented at BlackHat Arsenal, OWASP, HITB etc.
• Making and Playing CTFs
2023 Breaking Vulnerable APIs 3
roottusk.com
Tushar Kulkarni

The total amount of venture capital raised with
companies describing themselves as an API security
solution was $578 Million according to the Crunchbase
database.
- API Secure 2023 Report

MODERN WEB APPLICATION ARCHITECTURES
2023 Breaking Vulnerable APIs 5
Source: https://www.mongodb.com/mean-stack

API AS AN ATTACK VECTOR IN WEB APPLICATIONS
2023 Breaking Vulnerable APIs 6
Source: https://outpost24.com/blog/what-is-api-security-and-how-to-protect-them

SOME OF MY FAVORITE VULNERABILITIES❤️ FROM OWASP
API TOP 10 2019
2023 Breaking Vulnerable APIs 7
• Mass Assignment
• Broken Function Level Authorization
• Excessive Data Exposure

FORTIFYING APIS
2023 Breaking Vulnerable APIs 8
• Use Random and Unpredictable GUIDs/UUIDs for storing Objects in Database
• Never rely on Client side to Filter Sensitive Data
• Enforcing a Limit on How often the Client can Call the API endpoint
• Make sure all administrative endpoints validate the user’s role and privileges before performing the action
• Avoid functions binding Client-Side data into Code Variables and later into an Object in Database
• Enforce a Strong CORS Policy with Custom Unguessable Authorization Headers
• Treat every input like it’s DANGEROUS

GUESS WHAT?????
2023 Breaking Vulnerable APIs 9

2023 Breaking Vulnerable APIs 7
Github.com/roottusk/vapi
Bug Icon Source : https://www.flaticon.com/free-icon/bug_190835

PROJECT UPDATES
2023 Breaking Vulnerable APIs 11
• New XSS Vulnerability?????
• Minor Bug Fixes
• Kubernetes Support (Thanks to @AndyG-0)

TECH STACK
2023 Breaking Vulnerable APIs 12

INSTALLATION
2023 Breaking Vulnerable APIs 13
Docker
- Make sure you have docker and docker-compose
- Go to the root of the project and run
docker-compose up -d
Manually
- Prerequisites include PHP, MySQL
- Configure the MySQL credentials and Server port in the .env file of the project
- You can run php artisan serve command to start the Laravel Server
Kubernetes
- helm upgrade --install vapi ./vapi-chart --values=./vapi-chart/values.yaml

TOOLS REQUIRED TO TEST
2023 Breaking Vulnerable APIs 14
• Postman
• Burpsuite / OWASP ZAP

REFERENCES AND CONTRIBUTORS
2023 Breaking Vulnerable APIs 16
https://dsopas.github.io/MindAPI/
API Security Weekly: Issue #132
https://APISecurity.io
OWASP Vulnerable Web Applications Directory (VWAD)
arainho/awesome-api-security: A collection of awesome API Security tools and resources.
https://hakin9.org/vapi-vulnerable-adversely-programmed-interface/
https://portswigger.net/daily-swig/introducing-vapi-an-open-source-lab-environment-to-learn-about-api-security
https://securedelivery.io/articles/api-top-ten-walkthrough/
https://university.apisec.ai/api-tools-and-resources
https://www.opensourceforu.com/2022/01/open-source-vapi-to-learn-about-api-security-is-now-available/
https://tryhackme.com/jr/vulnapi

THANK YOU , Q&A
Tushar Kulkarni
@vk_tushar
roottusk.com
Email: root.tusk@gmail.com
2023 Breaking Vulnerable APIs 17

We introduce the OpenAPI Specification (OAS) and how Cisco Products leverage this industry standard to drive API quality and state-of-the-art developer experience. We present OpenAPI best practices, tools and processes available to the developer community, and some of the benefits for Cisco API consumers. Join this session to discover the misjudged values that come with the OpenAPI specification, and explore the many ways your software development and automation teams can benefit from OpenAPI with better quality and security.

The 12 facets of the OpenAPI standard.pdf

Cisco DevNet

We introduce the OpenAPI Specifications (OAS) and how Cisco Products leverage this industry standard to drive API quality and state-of-the-art developer experience. We then describe OpenAPI best practices, tools and processes available to the developer community. Join this session to discover the misjudged values that come with the OpenAPI specifications,and explore the many ways your software development and automation teams can benefit from the OpenAPI standard.

Revolutionize the API Economy with IBM WebSphere Connect

Arthur De Magalhaes

Apidays Paris 2023 - Managing OpenAPI Documents at Scale, Stéve Sfartz, Cisco

apidays

Apidays Paris 2023 - Software and APIs for Smart, Sustainable and Sovereign Societies December 6, 7 & 8, 2023 Managing OpenAPI Documents at Scale Stéve Sfartz, Principal Architect, API at Cisco ------ Check out our conferences at https://www.apidays.global/ Do you want to sponsor or talk at one of our conferences? https://apidays.typeform.com/to/ILJeAaV8 Learn more on APIscene, the global media made by the community for the community: https://www.apiscene.io Explore the API ecosystem with the API Landscape: https://apilandscape.apiscene.io/

Deploy and Access WebSphere Liberty and StrongLoop REST Endpoints on IBM Bluemix

Arthur De Magalhaes

INTERFACE by apidays 2023 - Something Old, Something New, Colin Domoney, 42Cr...

apidays

INTERFACE by apidays 2023 APIs for a “Smart” economy. Embedding AI to deliver Smart APIs and turn into an exponential organization June 28 & 29, 2023 https://www.apidays.global/interface/ Something Old, Something New - OWASP API Security Top 10 in 2023 Colin Domoney, CTO at 42Crunch ------ Check out our conferences at https://www.apidays.global/ Do you want to sponsor or talk at one of our conferences? https://apidays.typeform.com/to/ILJeAaV8 Learn more on APIscene, the global media made by the community for the community: https://www.apiscene.io Explore the API ecosystem with the API Landscape: https://apilandscape.apiscene.io/

WEBINAR: OWASP API Security Top 10

42Crunch

WATCH WEBINAR: https://youtu.be/zTkv_9ChVPY In recent years, large reputable companies such as Facebook, Google and Equifax have suffered major data breaches that combined exposed the personal information of hundreds of millions of people worldwide. The common vector linking these breaches – APIs. The scale and magnitude of these breaches are the reason API security has been launched into the forefront of enterprise security concerns – now forcing us to rethink the way we approach API security as a whole. OWASP Top 10 project has for a long time been the standard list of top vulnerabilities to look for and mitigate in the world of web applications. APIs represent a significantly different set of threats, attack vectors, and security best practices. This caused the OWASP community to launch OWASP API Security project earlier this year. In this session we’ll discuss: What makes API Security different from web application security The OWASP API Security Top 10 Real world breaches and mitigation strategies for each of the risks

As soon as we start working on an API, architecture issues arise. Many mistaken common beliefs turn out to be fiction in this area. A poorly designed API architecture will lead to misuse or – even worse – not be used at all by its intended clients: application developers. To facilitate and accelerate design and development of your APIs, we share our vision and beliefs with you in this Reference Card. They come from our direct experience on API projects.

Protecting Microservices APIs with 42Crunch API Firewall

42Crunch

In loosely coupled architectures, we must put in place application level security, should it be for client traffic (North-South) or intra-microservices traffic (East-West). In this webinar, we show you how the 42Crunch API firewall can be used to put API threat protection in place automatically, as early as design time. We’ll use a mix of slides and demos to present: (1) The various elements of security to consider in order to cover the full API security scope (infrastructure vs application level security) (2) Which threat protections must be put in place in a microservices architecture, and where (3) How to leverage OpenAPI (aka Swagger) to configure threat protection from design time (4) How to automate threat protection deployment

Top 7 wrong common beliefs about Enterprise API implementation

OCTO Technology

Octo API-days 2015

Antoine CHANTALOU

GlueCon 2018: Are REST APIs Still Relevant Today?

LaunchAny

apidays Paris 2022 - The 12 Facets of the OpenAPI Specification, Steve Sfartz...

apidays

apidays Paris 2022 - APIs the next 10 years: Software, Society, Sovereignty, Sustainability December 14, 15 & 16, 2022 The 12 Facets of the OpenAPI Specification Steve Sfartz, Principal Architect at Cisco ------ Check out our conferences at https://www.apidays.global/ Do you want to sponsor or talk at one of our conferences? https://apidays.typeform.com/to/ILJeAaV8 Learn more on APIscene, the global media made by the community for the community: https://www.apiscene.io Explore the API ecosystem with the API Landscape: https://apilandscape.apiscene.io/ Deep dive into the API industry with our reports: https://www.apidays.global/industry-reports/ Subscribe to our global newsletter: https://apidays.typeform.com/to/i1MPEW

apidays LIVE London 2021 - Application to API Security, drivers to the Shift ...

apidays

WebSphere Connect and API Discovery

Arthur De Magalhaes

the 12 facets of OpenAPI

Cisco DevNet

OWASP API Security Top 10 - Austin DevSecOps Days

42Crunch

In recent years, large reputable companies such as Facebook, Google and Equifax have suffered major data breaches that combined exposed the personal information of hundreds of millions of people worldwide. The common vector linking these breaches – APIs. The scale and magnitude of these breaches are the reason API security has been launched into the forefront of enterprise security concerns – now forcing us to rethink the way we approach API security as a whole. OWASP Top 10 project has for a long time been the standard list of top vulnerabilities to look for and mitigate in the world of web applications. APIs represent a significantly different set of threats, attack vectors, and security best practices. This caused the OWASP community to launch OWASP API Security project earlier this year. In this session we’ll discuss: What makes API Security different from web application security The OWASP API Security Top 10 Real world breaches and mitigation strategies for each of the risks

Deploy and Secure Your API Gateway with NGINX: From Zero to Hero – APCJ

NGINX, Inc.

Apicurio Registry: Event-driven APIs & Schema governance for Apache Kafka | F...

HostedbyConfluent

With Apache Kafka’s rise for event-driven architectures, developers require a specification to design effective event-driven APIs. AsyncAPI has been developed based on OpenAPI to define the endpoints and schemas of brokers and topics. For Kafka applications, the broker’s design to handle high throughput serialized payloads brings challenges for consumers and producers managing the structure of the message. For this reason, a registry becomes critical to achieve schema governance. Apicurio Registry is an end-to-end solution to store API definitions and schemas for Kafka applications. The project includes serializers, deserializers, and additional tooling. The registry supports several types of artifacts including OpenAPI, AsyncAPI, GraphQL, Apache Avro, Google protocol buffers, JSON Schema, Kafka Connect schema, WSDL, and XML Schema (XSD). It also checks them for validity and compatibility. In this session, we will be covering the following topics: ● The importance of having a contract-first approach to event-driven APIs ● What is AsyncAPI, and how it helps to define Kafka endpoints and schemas ● The Kafka challenges on message structure when serializing and deserializing ● Introduction to Apicurio Registry and schema management for Kafka ● Examples of how to use Apicurio Registry with popular Java frameworks like Spring and Quarkus

Cyberlands Sales Deck

Cyberlands B.V.

API SECURITY

Tubagus Rizky Dharmawan

Native Cloud-Native: Building Agile Microservices with the Micronaut Framework

Zachary Klein

This talk is a fast-paced introduction to the Micronaut framework, from creating the first app to orchestrating a microservice federation and deploying to the cloud. We will cover the basics of writing Micronaut apps, communication between services, building for resiliency, managing configuration, and deploying to a cloud provider. By the time we’re finished, you’ll have a good understanding of both the distinctives and features of the framework and be ready to start building and deploying your own apps with Micronaut. Buckle up! Sample code: https://github.com/ZacharyKlein/hello-devnexus23

IoT Physical Servers and Cloud Offerings.pdf

GVNSK Sravya

Simplify DevOps with Microservices and Mobile Backends.pptx

ssuser5faa791

TechTalk: Accelerate Mobile Development using SDKs and Open APIs With CA API ...

CA Technologies

As a mobile developer, you understand the pressure to deliver apps faster and of higher quality. Developer solutions must simplify the complexity of creating a great user experience by providing mobile security, interactivity and backend integration with developer-friendly interfaces and APIs. This session steps through the new mobile app services solutions from CA. For more information, please visit http://cainc.to/Nv2VOe

Apidays Helsinki 2024 - Sustainable IT and API Performance - How to Bring The...

apidays

Sustainable IT and API Performance - How to Bring Them Together Merja Kajava, Founder - Aavista Oy Apidays Helsinki & North 2024 - Connecting Physical and Digital: Sustainable APIs for the Era of AI, Super and Quantum Computing (May 28 and 29, 2024) ------ Check out our conferences at https://www.apidays.global/ Do you want to sponsor or talk at one of our conferences? https://apidays.typeform.com/to/ILJeAaV8 Learn more on APIscene, the global media made by the community for the community: https://www.apiscene.io Explore the API ecosystem with the API Landscape: https://apilandscape.apiscene.io/

Apidays Helsinki 2024 - APIs ahoy, the case of Customer Booking APIs in Finn...

apidays

Keynote 1: APIs ahoy, the case of Customer Booking APIs in Finnlines and Grimaldi Lines, ShortSea Vesa Vähämaa, Head of Group IT, Software at Finnlines Plc Apidays Helsinki & North 2024 - Connecting Physical and Digital: Sustainable APIs for the Era of AI, Super and Quantum Computing (May 28 and 29, 2024) ------ Check out our conferences at https://www.apidays.global/ Do you want to sponsor or talk at one of our conferences? https://apidays.typeform.com/to/ILJeAaV8 Learn more on APIscene, the global media made by the community for the community: https://www.apiscene.io Explore the API ecosystem with the API Landscape: https://apilandscape.apiscene.io/

Similar to APIsecure 2023 - Breaking Vulnerable APIs, Tushar Kulkarni

API Security - Null meet

vinoth kumar

Resilient and Adaptable Systems with Cloud Native APIs

VMware Tanzu

RefCard API Architecture Strategy

OCTO Technology

Protecting Microservices APIs with 42Crunch API Firewall

42Crunch

Top 7 wrong common beliefs about Enterprise API implementation

OCTO Technology

Octo API-days 2015

Antoine CHANTALOU

GlueCon 2018: Are REST APIs Still Relevant Today?

LaunchAny

apidays Paris 2022 - The 12 Facets of the OpenAPI Specification, Steve Sfartz...

apidays

apidays LIVE London 2021 - Application to API Security, drivers to the Shift ...

apidays

WebSphere Connect and API Discovery

Arthur De Magalhaes

the 12 facets of OpenAPI

Cisco DevNet

OWASP API Security Top 10 - Austin DevSecOps Days

42Crunch

Deploy and Secure Your API Gateway with NGINX: From Zero to Hero – APCJ

NGINX, Inc.

Apicurio Registry: Event-driven APIs & Schema governance for Apache Kafka | F...

HostedbyConfluent

Cyberlands Sales Deck

Cyberlands B.V.

API SECURITY

Tubagus Rizky Dharmawan

Native Cloud-Native: Building Agile Microservices with the Micronaut Framework

Zachary Klein

IoT Physical Servers and Cloud Offerings.pdf

GVNSK Sravya

Simplify DevOps with Microservices and Mobile Backends.pptx

ssuser5faa791

TechTalk: Accelerate Mobile Development using SDKs and Open APIs With CA API ...

CA Technologies

Similar to APIsecure 2023 - Breaking Vulnerable APIs, Tushar Kulkarni (20)

API Security - Null meet

Resilient and Adaptable Systems with Cloud Native APIs

RefCard API Architecture Strategy

Protecting Microservices APIs with 42Crunch API Firewall

Top 7 wrong common beliefs about Enterprise API implementation

Octo API-days 2015

GlueCon 2018: Are REST APIs Still Relevant Today?

apidays Paris 2022 - The 12 Facets of the OpenAPI Specification, Steve Sfartz...

apidays LIVE London 2021 - Application to API Security, drivers to the Shift ...

WebSphere Connect and API Discovery

the 12 facets of OpenAPI

OWASP API Security Top 10 - Austin DevSecOps Days

Deploy and Secure Your API Gateway with NGINX: From Zero to Hero – APCJ

Apicurio Registry: Event-driven APIs & Schema governance for Apache Kafka | F...

Cyberlands Sales Deck

API SECURITY

Native Cloud-Native: Building Agile Microservices with the Micronaut Framework

IoT Physical Servers and Cloud Offerings.pdf

Simplify DevOps with Microservices and Mobile Backends.pptx

TechTalk: Accelerate Mobile Development using SDKs and Open APIs With CA API ...

More from apidays

Apidays Helsinki 2024 - Sustainable IT and API Performance - How to Bring The...

apidays

Apidays Helsinki 2024 - APIs ahoy, the case of Customer Booking APIs in Finn...

apidays

Apidays Helsinki 2024 - From Chaos to Calm- Navigating Emerging API Security...

apidays

From Chaos to Calm: Navigating Emerging API Security Challenges Eli Arkush, Principal Solutions Engineer, API Security at Akamai Apidays Helsinki & North 2024 - Connecting Physical and Digital: Sustainable APIs for the Era of AI, Super and Quantum Computing (May 28 and 29, 2024) ------ Check out our conferences at https://www.apidays.global/ Do you want to sponsor or talk at one of our conferences? https://apidays.typeform.com/to/ILJeAaV8 Learn more on APIscene, the global media made by the community for the community: https://www.apiscene.io Explore the API ecosystem with the API Landscape: https://apilandscape.apiscene.io/

Apidays Helsinki 2024 - What is next now that your organization created a (si...

apidays

What is next now that your organization created a (significant) set of APIs? Rogier van Boxtel, Director, Pre Sales Consulting - Axway Apidays Helsinki & North 2024 - Connecting Physical and Digital: Sustainable APIs for the Era of AI, Super and Quantum Computing (May 28 and 29, 2024) ------ Check out our conferences at https://www.apidays.global/ Do you want to sponsor or talk at one of our conferences? https://apidays.typeform.com/to/ILJeAaV8 Learn more on APIscene, the global media made by the community for the community: https://www.apiscene.io Explore the API ecosystem with the API Landscape: https://apilandscape.apiscene.io/

Apidays Helsinki 2024 - There’s no AI without API, but what does this mean fo...

apidays

There’s no AI without API, but what does this mean for Security? Timo Rüppell, VP of Product - FireTail.io Apidays Helsinki & North 2024 - Connecting Physical and Digital: Sustainable APIs for the Era of AI, Super and Quantum Computing (May 28 and 29, 2024) ------ Check out our conferences at https://www.apidays.global/ Do you want to sponsor or talk at one of our conferences? https://apidays.typeform.com/to/ILJeAaV8 Learn more on APIscene, the global media made by the community for the community: https://www.apiscene.io Explore the API ecosystem with the API Landscape: https://apilandscape.apiscene.io/

Apidays Helsinki 2024 - Security Vulnerabilities in your APIs by Lukáš Ďurovs...

apidays

Security Vulnerabilities in your APIs Lukáš Ďurovský, Staff Software Engineer at Thermo Fisher Scientific Apidays Helsinki & North 2024 - Connecting Physical and Digital: Sustainable APIs for the Era of AI, Super and Quantum Computing (May 28 and 29, 2024) ------ Check out our conferences at https://www.apidays.global/ Do you want to sponsor or talk at one of our conferences? https://apidays.typeform.com/to/ILJeAaV8 Learn more on APIscene, the global media made by the community for the community: https://www.apiscene.io Explore the API ecosystem with the API Landscape: https://apilandscape.apiscene.io/

Apidays Helsinki 2024 - Data, API’s and Banks, with AI on top by Sergio Giral...

apidays

Data, API’s and Banks, with AI on top Sergio Giraldo, IT Lead - ING Apidays Helsinki & North 2024 - Connecting Physical and Digital: Sustainable APIs for the Era of AI, Super and Quantum Computing (May 28 and 29, 2024) ------ Check out our conferences at https://www.apidays.global/ Do you want to sponsor or talk at one of our conferences? https://apidays.typeform.com/to/ILJeAaV8 Learn more on APIscene, the global media made by the community for the community: https://www.apiscene.io Explore the API ecosystem with the API Landscape: https://apilandscape.apiscene.io/

Apidays Helsinki 2024 - Data Ecosystems Driving the Green Transition by Olli ...

apidays

Data Ecosystems Driving the Green Transition Olli Kilpeläinen, VP - Data Platform & Ecosystem at Betolar Apidays Helsinki & North 2024 - Connecting Physical and Digital: Sustainable APIs for the Era of AI, Super and Quantum Computing (May 28 and 29, 2024) ------ Check out our conferences at https://www.apidays.global/ Do you want to sponsor or talk at one of our conferences? https://apidays.typeform.com/to/ILJeAaV8 Learn more on APIscene, the global media made by the community for the community: https://www.apiscene.io Explore the API ecosystem with the API Landscape: https://apilandscape.apiscene.io/

Apidays Helsinki 2024 - Bridging the Gap Between Backend and Frontend API Tes...

apidays

Bridging the Gap Between Backend and Frontend API Testing with K6 Ayush Goyal, Senior Software Engineer - Grafana Labs Apidays Helsinki & North 2024 - Connecting Physical and Digital: Sustainable APIs for the Era of AI, Super and Quantum Computing (May 28 and 29, 2024) ------ Check out our conferences at https://www.apidays.global/ Do you want to sponsor or talk at one of our conferences? https://apidays.typeform.com/to/ILJeAaV8 Learn more on APIscene, the global media made by the community for the community: https://www.apiscene.io Explore the API ecosystem with the API Landscape: https://apilandscape.apiscene.io/

Apidays Helsinki 2024 - API Compliance by Design by Marjukka Niinioja, Osaango

apidays

API Compliance by Design Marjukka Niinioja, APItalista & Founding Partner - Osaango Apidays Helsinki & North 2024 - Connecting Physical and Digital: Sustainable APIs for the Era of AI, Super and Quantum Computing (May 28 and 29, 2024) ------ Check out our conferences at https://www.apidays.global/ Do you want to sponsor or talk at one of our conferences? https://apidays.typeform.com/to/ILJeAaV8 Learn more on APIscene, the global media made by the community for the community: https://www.apiscene.io Explore the API ecosystem with the API Landscape: https://apilandscape.apiscene.io/

Apidays Helsinki 2024 - ABLOY goes API economy – Transformation story by Hann...

apidays

ABLOY goes API economy – Transformation story Hanna Sillanpää Head of Digital Solutions PU - Abloy Apidays Helsinki & North 2024 - Connecting Physical and Digital: Sustainable APIs for the Era of AI, Super and Quantum Computing (May 28 and 29, 2024) ------ Check out our conferences at https://www.apidays.global/ Do you want to sponsor or talk at one of our conferences? https://apidays.typeform.com/to/ILJeAaV8 Learn more on APIscene, the global media made by the community for the community: https://www.apiscene.io Explore the API ecosystem with the API Landscape: https://apilandscape.apiscene.io/

Apidays New York 2024 - The subtle art of API rate limiting by Josh Twist, Zuplo

apidays

The subtle art of API rate limiting Josh Twist, Co-founder & CEO at Zuplo Apidays New York 2024: The API Economy in the AI Era (April 30 & May 1, 2024) ------ Check out our conferences at https://www.apidays.global/ Do you want to sponsor or talk at one of our conferences? https://apidays.typeform.com/to/ILJeAaV8 Learn more on APIscene, the global media made by the community for the community: https://www.apiscene.io Explore the API ecosystem with the API Landscape: https://apilandscape.apiscene.io/

Apidays New York 2024 - RESTful API Patterns and Practices by Mike Amundsen, ...

apidays

ESTful API Patterns and Practices Mike Amundsen, Author of "Design and Build Great APIs", API Strategist & Advisor at amundsen.com, Inc. Apidays New York 2024: The API Economy in the AI Era (April 30 & May 1, 2024) ------ Check out our conferences at https://www.apidays.global/ Do you want to sponsor or talk at one of our conferences? https://apidays.typeform.com/to/ILJeAaV8 Learn more on APIscene, the global media made by the community for the community: https://www.apiscene.io Explore the API ecosystem with the API Landscape: https://apilandscape.apiscene.io/

Apidays New York 2024 - Putting AI into API Security by Corey Ball, Moss Adams

apidays

Putting AI into API Security Corey Ball, Author and Sr. Manager Pentest at Moss Adams Apidays New York 2024: The API Economy in the AI Era (April 30 & May 1, 2024) ------ Check out our conferences at https://www.apidays.global/ Do you want to sponsor or talk at one of our conferences? https://apidays.typeform.com/to/ILJeAaV8 Learn more on APIscene, the global media made by the community for the community: https://www.apiscene.io Explore the API ecosystem with the API Landscape: https://apilandscape.apiscene.io/

Apidays New York 2024 - Prototype-first - A modern API development workflow b...

apidays

Prototype-first - A modern API development workflow Tom Akehurst, CTO and Co-Founder at WireMock Apidays New York 2024: The API Economy in the AI Era (April 30 & May 1, 2024) ------ Check out our conferences at https://www.apidays.global/ Do you want to sponsor or talk at one of our conferences? https://apidays.typeform.com/to/ILJeAaV8 Learn more on APIscene, the global media made by the community for the community: https://www.apiscene.io Explore the API ecosystem with the API Landscape: https://apilandscape.apiscene.io/

Apidays New York 2024 - Post-Quantum API Security by Francois Lascelles, Broa...

apidays

Post-Quantum API Security: Preparing your APIs for Q-day Francois Lascelles, Distinguished Engineer at Broadcom and CTO at Layer7 Apidays New York 2024: The API Economy in the AI Era (April 30 & May 1, 2024) ------ Check out our conferences at https://www.apidays.global/ Do you want to sponsor or talk at one of our conferences? https://apidays.typeform.com/to/ILJeAaV8 Learn more on APIscene, the global media made by the community for the community: https://www.apiscene.io Explore the API ecosystem with the API Landscape: https://apilandscape.apiscene.io/

Apidays New York 2024 - Increase your productivity with no-code GraphQL mocki...

apidays

Increase your productivity with no-code GraphQL mocking Hugo Guerrero, Chief Software Architect, APIs & Integration Developer Advocate at Red Hat Apidays New York 2024: The API Economy in the AI Era (April 30 & May 1, 2024) ------ Check out our conferences at https://www.apidays.global/ Do you want to sponsor or talk at one of our conferences? https://apidays.typeform.com/to/ILJeAaV8 Learn more on APIscene, the global media made by the community for the community: https://www.apiscene.io Explore the API ecosystem with the API Landscape: https://apilandscape.apiscene.io/

Apidays New York 2024 - Driving API & EDA Success by Marcelo Caponi, Danone

apidays

Driving API & EDA Success: Comparing CoE & C4E Models for Organizational Enablement Marcelo Caponi, Global Product Manager - API & Integration at Danone Apidays New York 2024: The API Economy in the AI Era (April 30 & May 1, 2024) ------ Check out our conferences at https://www.apidays.global/ Do you want to sponsor or talk at one of our conferences? https://apidays.typeform.com/to/ILJeAaV8 Learn more on APIscene, the global media made by the community for the community: https://www.apiscene.io Explore the API ecosystem with the API Landscape: https://apilandscape.apiscene.io/

Apidays New York 2024 - Build a terrible API for people you hate by Jim Benne...

apidays

Build a terrible API for people you hate Jim Bennett, Principal Developer Advocate at liblab Apidays New York 2024: The API Economy in the AI Era (April 30 & May 1, 2024) ------ Check out our conferences at https://www.apidays.global/ Do you want to sponsor or talk at one of our conferences? https://apidays.typeform.com/to/ILJeAaV8 Learn more on APIscene, the global media made by the community for the community: https://www.apiscene.io Explore the API ecosystem with the API Landscape: https://apilandscape.apiscene.io/

Apidays New York 2024 - API Secret Tokens Exposed by Tristan Kalos and Antoin...

apidays

API Secret Tokens Exposed: Insights from Analyzing 1 Million Domains Tristan Kalos, Co-founder and CEO at Escape Antoine Carossio, Co-Founder & CTO at Escape Apidays New York 2024: The API Economy in the AI Era (April 30 & May 1, 2024) ------ Check out our conferences at https://www.apidays.global/ Do you want to sponsor or talk at one of our conferences? https://apidays.typeform.com/to/ILJeAaV8 Learn more on APIscene, the global media made by the community for the community: https://www.apiscene.io Explore the API ecosystem with the API Landscape: https://apilandscape.apiscene.io/

More from apidays (20)