The age of contextual security has arrived, but most organizations are still attacking their API and Layer 7 security with a sledge hammer. Coarse grained security is the opposite of contextual security and API security capabilities that are more like a scalpel. What does it take to get to true contextual security with your APIs? Catalogs and visibility are only a small part of a much larger equation. What is an API supposed to do? What is an API supposed to access? What is an API actually doing? The devil is in the details.
APIs are everywhere, they are the hidden mechanisms behind almost everything from mobile apps to IoT devices and of course web applications. And with good reason, they’re a great standard that allows developers to quickly build applications without caring about interfaces. So perhaps with how ubiquitous they are we shouldn’t also be surprised that they’re a common target for a would-be attacker.
This 60 minute lunch-and-learn session will be a TL;DR Traceable’s popular free webinar series The API Security Masterclass. This session will cover why developers love APIs, the most common security vulnerabilities and how to test for them manually, how to build a basic API security program and we’ll discuss some of the open source API protection tools you can put into place to help recognise and respond to an API attack.