Best Practices for Protecting Modern Applications and APIs Against Emerging Threats

Webinar Registration

Today’s applications thrive on the interactions with data sources, authentication and directory services, and other applications through APIs that include REST, SOAP, graphQL, websockets, and remote procedure calls. But each of these modern methods of communication between applications and platforms provides threat actors with a potential point of access and control. Last year, we saw 700 million LinkedIn records stolen using a technical flaw in their API.

Many organizations see 2022 as the year of the API as the threat surface of choice for those cybercriminals looking for an untapped “market” to target. This means Security, Product Security, and DevSecOps teams need to be just as aware of the potential risks and threat surface APIs create as with any other initial attack vector that is included within your cybersecurity program.

In this Real Training for Free session, Microsoft MVP Nick Cavalancia takes my seat as he first discusses:

The state of cyberattacks using APIs
MITRE’s take on API-based attack techniques

Nick will be joined by Stepan Ilyin, Co-Founder of Wallarm, who will discuss the most common API security issues, their implications, and mitigation strategies, covering:

How to address the most common API Security issues
The key components of building your API Security strategy
The tools that help product security teams keep up with the rapid pace of engineering and application deployments

Stepan will demonstrate API Discovery and asset discovery, as well as the detection and mitigation of attacks via REST APIs, gRRPC, websockets, and API abuse.

He’ll also provide practical guidance around:

Protecting APIs in the modern environments (e.g., cloud-native, K8s, etc.)
Protecting against API abuse and account takeover
What open source and commercial tools you can use
How to prepare yourself against the log4shells of tomorrow
Practical lists to use including OWASP Top10, API OWASP Top10

This real training for free event will be jam packed with technical detail and real-world application. Register today!

First Name:	Required
Last Name:	Required
Work Email:	Required Invalid email address
Phone:	Required
Job Title:	Required
Organization:	Required
Country:	Required
State:	Required
	Your information will be shared with the sponsor. By clicking "Submit", you're agreeing to our Privacy Policy and consenting to be contacted by us and the sponsor. Tweet

Upcoming Webinars

Anatomy of a Cloud Hack: The Cloudflare/Okta Compromise – A Story of Tokens, Lateral Movement, Persistence and the Salvation of Zero Trust and Hard MFA Tokens

Additional Resources

User name:
Password:
	/ Forgot?
	Register

April 2024 Patch Tuesday	"Patch Tuesday - One Zero Day and Record Number of Patches! " - sponsored by LOGbinder

Follow @randyfsmith

About | Newsletter | Contact

Ultimate IT Security is a division of Monterey Technology Group, Inc. ©2006-2024 Monterey Technology Group, Inc. All rights reserved.
Disclaimer: We do our best to provide quality information and expert commentary but use all information at your own risk. For complaints, please contact abuse@ultimatewindowssecurity.com.