OWASP API Security Top Ten 2023 Update: What has changed?

Every #API is an opportunity for reuse and can help with delivering new value to customers more quickly. But every API also is a security risk, and managing API security is an essential part of API management as whole.

One important body of knowledge of common security space is the OWASP API Security Top Ten. They were first published in 2019 and were recently updated to a new version which hasn't changed a lot but a little bit. Dan Barahona of APIsec University walks us through the updated version.

If you're interested in more details about OWASP, the OWASP API Security Top Ten, and educational videos that will teach you about API security fundamentals in general and OWASP specifically, check out the following links to OWASP and APIsec University:

#api #apis #apidesign #design #designpatterns #apimanagement #gettingapistowork #gettingdigitaltowork #digitaltransformation #apigovernance #apistrategy #security #owasp #apisecurity #owasptopten #owaspapitopten

00:00 Introduction
00:14 Hello Dan Barahona of APIsec University
01:33 OWASP API Security Top Ten
03:11 OWASP API Security Top Ten: 2019 vs. 2023
05:01 The Coinbase BOLA Security Issue
07:02 A Common Problem: Client-Side Enforcement
08:53 Check out OWASP and APIsec University
10:24 Wrap-up