(Mis)using and Abusing APIs

Keith Casey (21.Apr.2018 at 10:00, 50 min)
Talk at Longhorn PHP Conference 2018 (English - US)

Rating: 5 of 5

Over the last decade, APIs have opened up new worlds and allowed us to accomplish wildly complex tasks with just a few lines of code. They’ve made the extraordinary almost mundane. Unfortunately, poorly designed and implemented APIs have opened us up to vulnerabilities and attacks we never considered before. While Equifax is the biggest and one of the most well known, odds are there are APIs within your systems which are just as bad but you don’t even know.

In this session, we’ll walk through a number of (now resolved!) vulnerabilities from production APIs, how they were found, and what you should watch for in your own APIs.

Who are you?

Claim talk

Talk claims have been moved to the new Joind.in site.

Please login to the new site to claim your talk

 
Comments closed.

Comments

Rating: 5 of 5

21.Apr.2018 at 11:13 by Eric Poe (88 comments) via Web2 LIVE

Energetic, entertaining, & spooky. Unfortunately, this talk is always timely.

Rating: 5 of 5

21.Apr.2018 at 11:24 by Marion Sartor (30 comments) via Joind.in iPhone app

Wow! This talk will either teach or remind you of how personal information shared online is vulnerable to access by unauthorized and unauthenticated parties, and how it could potentially be used to our detriment.

Rating: 5 of 5

21.Apr.2018 at 11:54 by Darren Wright (29 comments) via Web2 LIVE

Good content and information to adhere to.

Rating: 5 of 5

21.Apr.2018 at 14:22 by Daniel Kadosh (9 comments) via Web2 LIVE

I'm really scared about possible misuses of our APIs that I had not considered. Mr. Danger is an energetic and passionate speaker, full of great anecdotes and general wisdom about security.

Rating: 5 of 5

22.Apr.2018 at 21:25 by Nicholas Vahalik (18 comments) via Web2 LIVE

Eye opening. Gave me a lot of pause as I consider the things I've built and the decisions that were made.

© Joind.in 2018