Do you love the idea of robbing a bank? Good news you can, totally ethically. Join us for the next live API Security Masterclass. We’ll cover an introduction to APIs, what kind of vulnerabilities are in APIs, how you can find them, and how you can test your own APIs. Whether you’re on the blue team and trying to understand threats, a hacker new to APIs or a developer trying to better understand how your code can go wrong, these live classes will tell you everything you need to know. And don’t leave it on in the background, these are interactive sessions so you can get the most out of it!
We’ve found some vulnerabilities in our API, so how do we actually get them fixed? More importantly, how do we start to build a program that ensures all our API vulnerabilities are fixed? And remain fixed. This session will cover the basics of vulnerability management, how to work with existing developer workflows, and the best practices for integrating security into your development lifecycle. Learn to implement robust security measures, automate vulnerability scanning, and foster a security-first mindset with your development team. Building your API AppSec toolkit, from open source tools, to some of the considerations before you invest.
This session will start with the basics of how developers work and some common development methodologies they employ, before introducing vulnerability management and the vulnerability lifecycle. We’ll discuss what makes API development different, with some of the common web application frameworks, and some advice on controlling API sprawl before API endpoints are deployed. Then we’ll continue looking at free and open source tools you can use and some of the considerations on when you should consider an upgrade to a full API security platform like Traceable, keeping your API secure no matter what your budget.