API Security Hands-on Workshop

TOPIC: API Security Hands-on Workshop

ABSTRACT: APIs are now the top target for attackers, who exploit logic flaws, authorization gaps, data exposure, and other hidden vulnerabilities. These threats often slip past traditional defenses such as WAFs, code scanners, and testing tools.

This API Security Workshop will feature:

An exploration of why APIs are a prime target for attackers
Case studies of real-world API breaches
A guided review of the OWASP API Security Top 10
Proven best practices for securing APIs
An interactive, hands-on lab

In this lab, we’ll explore how to conduct comprehensive API testing from start to finish. Participants will gain hands-on experience in manual testing and learn how to accelerate their efforts through advanced automation tools. Together, we’ll tackle the key question: How can AI help us build safer applications while making our organizations more efficient?

What You’ll Need

A device for taking notes or following along if you’d like too (laptop ideally)
Software Used
Firefox
Burp Suite Community Edition
APIsec - Downloaded from apisec.ai by signing up for a free account.

What We’ll Learn

How modern applications are leveraging APIs
How vulnerabilities are created within those APIs
How we can test for those vulns efficiently and comprehensively