API-first architectures have had a significant impact on the application development landscape. They have enabled organizations to speed up application development, easily use complex functionality, and enhance collaboration with service providers and customers. In fact, many enterprises derive an increasing amount of their revenue from APIs used by customers. However, scalable security solutions for APIs are notoriously elusive, even as DevSecOps faces increasing security demands. Thus, enterprises face a looming threat from under-protected APIs (underscored by the OWASP Top 10 2017 update).
This talk will enumerate this risk, discuss the challenges, and explore solutions. First, we will evaluate applications in the IoT, online retail and financial mobile spaces to highlight the complexity of managing the technical and business risk. Second, we examine the difficulty of securing these applications and why web scanners don’t work. Third, we present a scalable testing framework to automate testing. Fourth, we discuss SDLC integration for the framework. Finally, we will discuss real-world results. This talk will allow attendees to walk away with:
+ A deeper understanding of business and technical risks around APIs
+ An enumeration of real-world challenges that highlights weaknesses in current security tooling
+ Scalable solutions for securing APIs
Application development teams in enterprises are actively searching for solutions to deal with API security and will finally be able to address the problem.