Thursday, May 21 • 14:30 - 15:15
The API Assessment Primer

Sign up or log in to save this to your schedule and see who's attending!

API's are everywhere now. SOA, IoT, Mobile, and Thick clients all heavily rely on web services and API's. This talk will present a primer on how to assess these services/interfaces for developers and testers alike. The introduction will include topics such as API identification, common implementations and frameworks. The bulk of the talk will focus on a assessment checklist that anyone can use to test these technologies for security flaws covering topics such as:

Hidden Functions
Lack of Access Control
Transport Security

** Where possible we will point to free resources for assessors to carry out the testing ** 

avatar for Greg Patton

Greg Patton

Static Analysis Team Manager, HP Fortify on Demand
Greg Patton is the Static Application Security Testing (SAST) Team Manager with HP Fortify on Demand based in Houston, TX. Greg specializes in application security with a focus on dynamic run-time web and mobile assessments over the past eight years. Greg started his career in software... Read More →

Thursday May 21, 2015 14:30 - 15:15
Room Forum Amsterdam RAI

Attendees (0)