APIs are the backbone of modern software, enabling seamless communication between applications. While their importance is undeniable, APIs can be susceptible to security breaches if not properly secured. This talk dives into the OWASP and CWE top security vulnerabilities, established frameworks that identifies the most critical API security vulnerabilities.

We'll explore real-world examples of these vulnerabilities, along with corresponding code samples, to illustrate the potential threats and their impact. Through this exploration, you'll gain a deeper understanding of how to fortify your APIs against malicious actors, ensuring the safety and reliability of your software ecosystem.

Preferred session duration: one slot, 30-60 minutes

Target audience:
Software Developers - this includes backend developers responsible for building and maintaining APIs, as well as frontend developers who integrate with APIs
API Designers - those involved in designing and documenting APIs will benefit from understanding common vulnerabilities
Security Professionals - anyone involved in application security will find this talk valuable for identifying and mitigating API-specific risks
Architects and Team Leads - those responsible for the overall security posture of applications will benefit from understanding API security best practices