API Security Top 10 Vulnerabilities

preview_player
Показать описание
As software crafters, our responsibility spans more than just shipping working, maintainable software and automated tests. The applications we build must be secured, observable, and reliable. Tools can assist us up to a point, but from there on it's up to the design decisions we take to avoid common pitfalls as early as possible in the development cycle.

In this presentation, we will walk over the top 10 most common security vulnerabilities when developing REST APIs, similar to the classic OWASP Top 10 that many of you might be familiar with.

Vulnerabilities we'll discuss:
- Broken Object Level Authorization
- Broken User Authentication
- Excessive Data Exposure
- Lack of Resources & Rate Limiting
- Broken Function Level Authorization
- Mass Assignment
- Security Misconfiguration
- Injection
- Improper Assets Management
- Insufficient Logging & Monitoring

Let's hack our way to better software engineers together!

👩🏻‍💻👨‍💻

About the speaker:

  1. Victor Rentea
Рекомендации по теме
OWASP TOP 10 0:17:40

OWASP TOP 10 API Vulnerabilities Explained | Part One | TryHackMe

API Security Top 1:17:14

API Security Top 10 Vulnerabilities

Top 10 OWASP 0:11:43

Top 10 OWASP Vulnerabilities for API Security Explained! - API Cybersecurity 101

Understanding The Fundamentals 0:09:41

Understanding The Fundamentals of API Security | How APIs are Attacked and How to Secure Them

The Top 10 0:12:35

The Top 10 API Vulnerabilities

OWASP Top 10 0:02:33

OWASP Top 10 API security vulnerabilities | API security risks

Analyzing The OWASP 1:00:23

Analyzing The OWASP API Security Top 10 For Pen Testers

PYNT vs OWASP: 0:28:20

PYNT vs OWASP: Pynt Top 10 API Security Vulnerabilities Report

Find VULNERABILITIES in 0:37:23

Find VULNERABILITIES in Web application with OWASP Tool

OWASP Top 10 0:13:37

OWASP Top 10 API Vulnerabilities Explained | Part 3 | TryHackMe

OWASP best practices 0:39:43

OWASP best practices to protect your APIs from security vulnerabilities

My Favorite API 0:10:08

My Favorite API Hacking Vulnerabilities & Tips

OWASP Top 10 0:14:18

OWASP Top 10 API Vulnerabilities Explained | Part Four | TryHackMe

OWASP TOP 10 0:16:23

OWASP TOP 10 API Vulnerabilities Explained | Part Two | TryHackMe

Web App Vulnerabilities 1:28:49

Web App Vulnerabilities - DevSecOps Course for Beginners

How to protect 0:06:10

How to protect your APIs against these 6 security threats

Combatting API Vulnerabilities 0:20:09

Combatting API Vulnerabilities with the 3 Pillars of API Security

The Latest API 0:43:29

The Latest API Security Vulnerabilities with Dmitry Sotnikov

5 Best Practices 0:15:42

5 Best Practices for Securing Your APIs

How to prevent 0:02:01

How to prevent OWASP API Top 10 security vulnerabilities? API attack prevention

OWASP Top 10 0:08:51

OWASP Top 10 2021 - The List and How You Should Use It

A Hacker's Perspective 0:06:02

A Hacker's Perspective on API Vulnerabilities

What Can Attackers 0:17:35

What Can Attackers Do With API Vulnerabilities - API Security With A Pinch Of Salt

c{api}tal - Exploit 0:26:52

c{api}tal - Exploit OWASP API's top 10 vulnerabilities (BlackHat EU 2022 - Arsenal)

Комментарии
Автор

Thank you, I found this video very interesting and your presentation is just unique.

kennystephen
Автор

When using uuid, considering an extra id(uuid) in database is better or just use the uuid as primary key?

sharifyy