Proposed by: Dhrumil Mistry

Securing Web Apps: Using Offensive Approach for Defending Against API Vulnerabilities

In today's digital landscape, APIs (Application Programming Interfaces) are essential for enabling communication and functionality across web applications. They also present a significant security risk: vulnerabilities in API endpoints are a common cause of data leaks and breaches. The OWASP API Security Top 10 (2023) catalogues the most prevalent of these risk categories and recommends mitigations for each.

This talk introduces attendees to the key concepts of API security, focusing on detecting the vulnerability classes described in the OWASP API Security Top 10 (2023). We explore common vulnerabilities and mitigation strategies while showcasing OWASP OFFAT (OFFensive API Pentester), a tool for assessing API security.

Attendees will learn how to integrate OWASP OFFAT into CI/CD pipelines for automated security testing, so that these classes of issues are caught before a release ships rather than after deployment.
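An added example of the kind of integration the talk describes (not code from the proposal or from the OFFAT project): a GitHub Actions job that installs OFFAT from PyPI and runs it against the OpenAPI document checked into the repository. The spec path (`api/openapi.yaml`), the workflow and job names, and the weekly schedule are assumptions; the `-f` (specification file) and `-o` (report output) options follow the project README at the time of writing and should be confirmed against `offat -h` for the installed version. Because OFFAT sends live attack payloads to the servers listed in the specification, the spec used in CI must point at a test or staging deployment, never at production.

```yaml
# Added example (not from the proposal or the OFFAT project):
# GitHub Actions job that runs OWASP OFFAT against the OpenAPI document
# checked into the repository. Assumptions: the spec lives at
# api/openapi.yaml and its server entries point at a staging deployment,
# never at production, because OFFAT sends real attack payloads.
name: api-security-scan

on:
  pull_request:
    paths:
      - "api/openapi.yaml"
  schedule:
    - cron: "0 3 * * 1"   # weekly run, Mondays 03:00 UTC (assumed cadence)

jobs:
  offat:
    runs-on: ubuntu-latest
    steps:
      - uses: actions/checkout@v4

      - uses: actions/setup-python@v5
        with:
          python-version: "3.11"

      # OFFAT is published on PyPI under the package name "offat".
      - name: Install OWASP OFFAT
        run: pip install offat

      # -f: specification file, -o: report output path. Both options follow
      # the project README at the time of writing; confirm with `offat -h`.
      - name: Run OFFAT against the staging API
        run: offat -f api/openapi.yaml -o offat-report.json

      # Keep the report as a build artifact so findings can be triaged even
      # when the scan step itself does not fail the pipeline.
      - name: Upload report
        if: always()
        uses: actions/upload-artifact@v4
        with:
          name: offat-report
          path: offat-report.json
```

This job records findings but does not gate the merge on them, since the example does not rely on any particular exit status from the tool. To turn it into an enforceable control, add a step after the scan that parses the JSON report and fails the job when findings at or above a chosen severity are present; any authentication headers the staging API needs should come from repository secrets rather than from the committed specification.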

Source code/Reference: https://github.com/OWASP/OFFAT

Talk duration: