If you didn’t make it to OWASP Global AppSec Tel Aviv last month I wanted to share that the team recently published videos from the event...
I’m excited that the list includes my session on Testing & Hacking APIs which you can see here:
While I was pulling together the slides for my session I came to realize that while there are a ton of resources for application security testing the same can’t be said about API penetration testing. This gave me the idea to put together an API Penetration Testing Tips & Tricks sheet that people can use as a reference as they pull together their own methodology and strategy for API security testing. I’ll be continuously updating and making improvements to this sheet so let me know if you have ideas of things to add or just general feedback to make it better.
It’s extremely important to make sure your OAuth implementation is secure. The fix is just one line of code away. We sincerely hope the information shared in our blog post series will help prevent major online breaches and help web service owners better protect their customers and users.
We want to thank our customers, partners and friends for the calls and messages to our team showing your concern and support.