experts to experts conference 14th June 2023, Cluj Innovation Park

How to Develop Secure APIs

15:00 - 16:00

APIs are the beating heart of any modern web design. Cloud-based applications, Web services, mobile applications, IoT devices, and the list goes on. Studies show that approximately 80% of internet traffic is API traffic – everyone uses dozens of APIs every day, whether they know it or not.

The wide adoption of relatively complex technologies does not come risk-free – the door is open for implementation mistakes, design hiccups, logic flaws, and integration issues, all leading to open attack vectors.

In this talk, we will discuss:

  • Real-world use cases, showing examples of API vulnerabilities.
  • Discuss ideas on how to mitigate these design flaws.
  • Discuss the pros and cons of relying on OAS\swagger security validations (small hint - it is not very efficient)

Let’s talk about how to build secure API-based software.

Avishai Shafir

Avishai is a veteran developer that led development with several global hi-tech companies. Among his roles, he served as the Chief Architect of HP ALM (Quality Center & Performance Center), leading the HP Mercury ALM architects team in building tools for developers. Later in his career, he managed a line of business at Panaya (acquired by Infosys for $200 Million) and led a team of product managers at Cellebrite (The global leader in digital intelligence solutions). Today he manages a product team at Salt Security, a leading provider of API cybersecurity tools. He is a technology enthusiast.

the developers about computer