Wednesday
Room 6
11:40 - 12:40
(UTC±00)
Talk (60 min)
Getting API security right
The shift towards an API landscape indicates a significant evolution in the way we build applications. The rise of JavaScript and mobile applications have sparked an explosion of easily-accessible REST APIs. But does the rise of APIs result in the downfall of security? Why are there so many vulnerabilities and incidents involving APIs? How can you ensure that your APIs are secure?
In this session, we use real-world cases to dive into best practices for securing your APIs. We discuss the attack surface of an API, common authorization problems, and best practice techniques to avoid these problems. At the end of this session, you will have an actionable set of guidelines to assess and improve the security of your own APIs.
Philippe De Ryck
Philippe De Ryck specializes in making web security accessible to developers and architects, leveraging his Ph.D. from KU Leuven to inform his comprehensive understanding of security challenges. As the founder of Pragmatic Web Security, he provides practical security training and consulting services to organizations worldwide.
His online course platform offers a self-paced approach to learning about security. Philippe also actively helps shape OAuth 2.0 best practices as the co-author of the best practices for browser-based apps specification.
Philippe is recognized as a Google Developer Expert, acknowledging his contributions to web application and API security. He also organizes SecAppDev, an annual week-long application security course in Belgium.