Thursday, May 21 • 14:30 - 15:15
The API Assessment Primer


APIs are everywhere now. SOA, IoT, mobile, and thick clients all rely heavily on web services and APIs. This talk will present a primer on how to assess these services and interfaces, for developers and testers alike. The introduction will include topics such as API identification, common implementations and frameworks. The bulk of the talk will focus on an assessment checklist that anyone can use to test these technologies for security flaws, covering topics such as:

Authentication
Verbose-ness
Hidden Functions
Lack of Access Control
Transport Security
Tampering/Trust
Injection

** Where possible we will point to free resources for assessors to carry out the testing ** 

Speakers
Greg Patton

Static Analysis Team Manager, HP Fortify on Demand
Greg Patton is the Static Application Security Testing (SAST) Team Manager with HP Fortify on Demand based in Houston, TX. Greg specializes in application security with a focus on dynamic run-time web and mobile assessments over the past eight years. Greg started his career in software...


Thursday May 21, 2015 14:30 - 15:15 CEST
Room Forum Amsterdam RAI