Anatomy of an API Attack: Applying MITRE Framework to API Threat Modeling

In this talk, we take a look at the practical issues of security APIs through the length of the MITRE framework.

We discuss:
- An overview of MITRE framework
- How well known API attack vectors map to known adversary tactics and technique
- A real-world use case of an attack that has started as an API breach and got developed into a full-fledged MITRE-style attack
- Effective mitigations for API exploits