So we now know what APIs are and how to discover them, including some of the tools we use to perform common tasks like API recon, but what do we actually need to look out for?
Well, that’s where the OWASP API Top 10 comes in. It’s a list of common API security flaws created by API security experts. Each entry represents a serious security issue that can occur in APIs. But is it up to date? Yes! It was refreshed in 2023.
In this on-demand episode, we’re going to dive deep into the changes and look at each vulnerability in depth. From injection to authentication, we’ll explore these vulnerabilities and talk about what they are, how they work and how to attack and defend against them. We’ll unravel the tangled mess of access control and talk about how each type works and what the new access control issues are. We’ll also discuss the chaining of APIs and the potential risks involving both upstream and downstream APIs. Whether you’re a security engineer, a developer or a hacker, we’ll equip you with the knowledge and tools needed to keep APIs safe.
Meet Your Guide: Dr. Katie Paxton-Fear
Dr. Katie Paxton-Fear, a trailblazer in API security, will be your guide throughout this masterclass. Benefit from her wealth of knowledge as she navigates through APIs, vulnerabilities, and the strategies to fortify your security posture.