Topic: API Security in Depth
The OWASP API Security Project was designed to address the ever-increasing number of organisations that are deploying potentially sensitive APIs as part of their software offerings. These APIs are used for internal tasks and to interface with third parties. Unfortunately, many APIs do not undergo the rigorous security testing that would help make them secure from an attack.
This project seeks to provide value to software developers and security assessors by underscoring the potential risks in insecure APIs, and illustrating how these risks may be mitigated. Although this security project addresses modern threats for API based applications, traditional vulnerabilities like SQLi and XSS are becoming less common in APIs, and there has been an increase in vulnerabilities that are either specific to APIs or present a more significant risk, which many developers are unaware of.
The presentation will cover the following:
Participants will have the opportunity at the end of the session to ask questions of the speaker via the Q&A tool.
Speaker: Erez Yalon, Director of Security Research at Checkmarx
Erez Yalon heads the security research group at Checkmarx. With vast defender and attacker experience and as an independent security researcher, he brings invaluable knowledge and skills to the table. Erez is responsible for maintaining Checkmarx’s top notch vulnerability detection technology where his previous development experience with a variety of coding languages comes into play.
This webinar is free and only available to AISA Members, please click here to register online
Non AISA Members: If you would like to become an AISA member you can join here
For any queries regarding this event, please contact AISA Event & Sponsorship Manager, Susanna Palermo via email [email protected] or visit our website www.aisa.org.au
AISA has evaluated the use of Zoom based on the Traffic
Light Protocol which was facilitated for greater information
sharing. AISA webinars are considered TPL White as the information
contains minimal or no foreseeable risk of misuse. In addition AISA has evaluated the
use of Zoom for this purpose as aligned to ACSC
Web Conferencing Security, April 2020, see link at https://www.cyber.gov.au/publications/web-conferencing-security
and has implemented controls to minimise risks. You are required to register for the webinar via the Zoom