Recently, APIs have become the main attack vector for applications. What makes APIs so interesting to attackers is that, in essence, they expose data and business logic to clients. Traditional security approaches fail to address these issues. In this workshop, we will look at the most common vulnerabilities found in APIs, dive into how to spot them, remediate them, and how to put in place secure foundations starting at the design phase.

By the end of this workshop, participants will:

• Learn about OWASP API Top10
• Understand the unique nature of API vulnerabilities
• Learn what they look like in code examples
• How to automate detecting these vulnerabilities
• Get strategies for remediating