This course covers the learning outcomes and goals of understanding API security as the new application attack surface and how to secure it at an enterprise scale. It teaches about the security implications, threat landscape, and how to fix vulnerabilities using real-world examples. The course focuses on skills such as secrets management, threat modeling, and implementing security measures. The teaching method includes discussing the architecture, security implications, and real-life use cases. The intended audience for this course is developers, security professionals, and individuals interested in securing APIs in modern web applications.
API Security - Is it the New Application Attack Surface and How to Secure at Enterprise Scale
Overview
Syllabus
Intro
What is your background
Agenda
Architecture
Behind the scenes
Security implications
Threat landscape
Facebook breach
How to fix it
How it happened
Use cases
Secrets management
Perform valuedriven threat modeling
Closing thoughts
Taught by
LASCON
