PNSQC 2024 August Meetup: An Introduction to API Security Testing
Вставка
- Опубліковано 8 лис 2024
- An Introduction to API Security Testing with Bas Dijkstra
August 21, 2024
The enormous rise in APIs to exchange data between systems has introduced a popular new attack vector for people with malicious intents. Therefore, to prevent ending up in the news, it's probably a good idea to ensure that your APIs are not vulnerable to common API security weaknesses and exploits.
The good news is that API security testing does not have to be hard or time-consuming, and it is not something only people with deep and specialist knowledge can do.
In this session, Bas Dijkstra showed how to start testing API security using common and popular tools and libraries like Postman and REST Assured, using the 2023 OWASP API Security Top 10 as a guideline.
Because "seeing is believing", Bas ran several API security testing experiments and talked us through his thought process and interpretation of the results so these experiments can be replayed against your own APIs.
Slides: www.slideshare...
This meetup instance was online-only.
