APISEC CON Where the Wild APIs Are, Katie Paxton Fear

Join the inimitable Dr. Katie Paxton-Fear for this inspiring talk for aspiring API security professionals.

Feeling overwhelmed by APIs? You’re not alone, and this talk is your new starting point.

In this empowering, no-BS session, InsiderPhD (Dr. Katie Paxton-Fear) breaks down how to recognize, explore, and hack APIs even if you're just getting started. Whether you’re aiming to crush your first bug bounty, tackle your company’s APIs, or just demystify GraphQL and SOAP, this talk gives you the mindset and practical approach you need to succeed.

What you’ll learn:

How to recognize real-world APIs in any app (even when hidden)
The 5 major types of APIs: REST, GraphQL, SOAP, RPC, MCP
How to decode JSON, spot resources, and find endpoints
The easiest APIs to hack (and where to find them!)
Pro tips for hacking GraphQL without introspection
Why nobody actually knows what they’re doing , and that’s okay

“Stop watching API security talks to feel smart. Watch them to learn something new.”
— Katie aka InsiderPhD

Perfect for: Penetration testers, AppSec engineers, DevSecOps pros, and anyone curious about hacking APIs, no CS degree required.

#APIsecurity #BugBounty #DevSecOps #AppSec #PenTesting #InsiderPhD #GraphQL #SOAP #APIhacking #EthicalHacking #APICTF #APISecCon #CyberSecurity