Hot off the heels of the “Going back to the basics of API Security” tutorial presented on Tuesday this talk is a condensed version of the full day presentation going through common API security issues as well as live demo’s showing the impacts of some of these security issues.

In this presentation we will take a step back and cover the key areas of API/Web security including:

* Types of APIs and how they function

* Various authentication/authorisation mechanisms

* Object authorisation

* Preventing injection attacks (SQL/NoSQL/Command)

* General security misconfigurations

The key takeaways for attendees will be:

* Understanding the different types of APIs

* Being able to identify API security issues

* Provide recommendations on how to secure APIs against common security issues