Securing Your APIs: What You Need to Know

Modern attack surfaces are evolving and morphing as API use is increasing. From car hire to medical records, APIs power applications that impact lives. Technical challenges and human error make it possible for vulnerable APIs to make their way into production environments where they often have a negative impact downstream. Once deployed or integrated into larger applications, these APIs are hard to mitigate and even harder to remediate. Scanning and testing APIs in a runtime environment helps security teams uncover vulnerabilities in APIs before they’re in production, where remediation is more costly and frustrating. Understanding how to secure APIs is a struggle for most security teams. Conflicting guidance on runtime testing best practices creates confusion and delay. 

On Demand
1h 00min

In this webinar, Veracode's Head Dynamic Analysis Engineer, Dan Murphy, will cover:

  • The challenges of generating RESTful traffic from API specifications in OpenAPI 2.0 and 3.0, that gets past the HTTP 400 Bad Input Response
  • How to perform attacks on various injection points in API requests
  • How API scanning performance advantages allow for more thorough attack coverage
  • How responses are inspected for evidence of vulnerability

Featured Speakers

  • Elisa Velarde
    Elisa Velarde
    Senior Product Marketing Manager

    Elisa Velarde, is an innovative Product Marketing Manager with over 10 years’ experience in marketing, product marketing and product management. In her previous Product Marketing role at Sonatype, she was focused on the Nexus platform and Nexus Intelligence. Elisa is passionate about software security and when she isn’t outdoors running or cycling, she can be found reading an embarrassing number of cyberthreat blogs.

  • Dan Murphy
    Dan Murphy
    Software Engineering Consultant

    Dan Murphy is an architect and staff engineer with more than 20 years of experience working in computer security, and is helping to solve security-as-a-service at scale as a software architect at Veracode. He has worked at software companies both large and small, from industry giants where we he wrote code that is still used by millions daily, to scrappy startups that he has successfully helped spin out. API scanning is a natural fusion of his interests in building great systems at scale and helping to secure the world’s software.

  • Peggy Bresnick-Kendler
    Peggy Bresnick-Kendler
    Dark Reading

    Peggy Bresnick-Kendler has been a professional writer for the past 30 years. She has worked as an editor, publicist and school district technology coordinator. During the past decade, Peggy has worked on UBM TechWeb financial services technology-centered projects on behalf of companies that represent some of the most prominent names in the insurance, banking, and capital markets technology fields. Peggy has written a recurring department featured in Insurance & Technology since 1996, and she has produced a recurring department for Bank Systems & Technology since 2003. From 1998 through 2001, she served as editor-in-chief of School Technology Market Report, a bimonthly newsletter for school district technology leaders. Peggy formerly was manager of communications for the American Insurance Association's Service Group. She has also worked in the IT area of Dun & Bradstreet, where she reported directly to the director of IS planning and consulting. Peggy holds a Bachelor's degree in English from Skidmore College, a Master's degree in education from Sacred Heart University and a Master's degree in educational technology from Fairfield University.

Sponsored By