APIs are the backbone of modern applications—but one small mistake can expose sensitive data, allow unauthorized access, or even take down your entire system.

In this session, we’ll explore the most common API security blunders (yes, including some real-world horror stories) and how to fix them with practical, developer-friendly rules of thumb. From accidental data leaks to broken authentication, we’ll cover the pitfalls that put your APIs at risk and the best practices that will save you from disaster. Whether you’re building a new API or securing an existing one, this talk will help you go from “Oops” to “Locked Down”—with a few laughs along the way.