All your APIs are mine - Secure them now by Andreas Falk @ Spring I/O 2023
Spring I/O 2023 - Barcelona, 18-19 May
Slides: https://github.com/andifalk/api-secur...
GitHub Repo: https://github.com/andifalk/api-security
With Spring, it is very easy to implement APIs. Making them robust against a variety of attack types is much harder. Developers will learn about several real-world attack scenarios. Live demos will show how these can be mitigated with the help of Spring Security and appropriate design patterns.
With the increasing popularity of APIs, attacks on them are also steadily increasing. Often, design flaws such as weak authentication, lack of authorization, or unnecessarily exposing confidential data make it far too easy for attackers to reach their target. In this talk, I will discuss the most prevalent threats to modern APIs and outline recommended strategies for developers to secure their own APIs. In doing so, I will cover the most commonly used standards and architectural styles these days, such as Rest, GraphQL, and gRPC. Using a sample Spring Boot application, I will show practical examples of (in)secure APIs. The talk is aimed at software developers, architects, and security enthusiasts alike. Knowledge of the Java programming language and Spring Boot is helpful.
Watch video All your APIs are mine - Secure them now by Andreas Falk @ Spring I/O 2023 online, duration hours minute second in high quality that is uploaded to the channel Spring I/O 23 May 2023. Share the link to the video on social media so that your subscribers and friends will also watch this video. This video clip has been viewed 2,997 times and liked it 64 visitors.
