Peeling the Onion: Making Sense of the Layers of API Security
Date & Time
Tuesday, June 21, 2022, 9:45 AM - 10:25 AM
Matt Tesauro

APIs are everywhere. Any business with a mobile app, modern web apps (SPAs), using the cloud, doing a digital transformation, integrating with business partners, running microservices or using Kubernetes has APIs. There's a solid foundation of AppSec knowledge out there - thanks, in part, to OWASP - but API security isn't exactly the same as AppSec. Additional complexity is part of the landscape with multiple competing API technologies like REST, gRPC and GraphQL, not to mention stakeholders spread across multiple parts of the business. How do you make sense of the API security landscape? This talk will cover the three fundamental areas to consider, the various chess pieces and the many ways those pieces can be put on your API chessboard. The goal is for you to leave knowing how to map out your API security landscape and reach a state of solid API security.

Session Type
Insight Session
Virtual Session Link
Session code