Attacking the Modern API-Based Web Application
Event submitted on Wednesday, May 6th 2020, approved by Charles Villanueva ✓
This event has been tagged as follows:
(edit this info)
SecureWorld creates some of the very best InfoSec Events on the planet. This event is aimed at Cybersecurity Practitioners so yes, highly recommended and we hope you can make this Online Cyber Event!
The following description was either submitted by the Conference Organizer on Wednesday, May 6th 2020, or created by us.
SecureWorld Remote Sessions is a series of daily briefings on security topics of particular relevance during times of disruptive incidents and remote working challenges. Our purpose is to help the InfoSec community stay connected, encouraged, and continuing to learn and share.
Tune in for 45 minutes to an hour—either live or on-demand—and receive 1 CPE credit in the process. For speaker and topic updates, keep an eye on the Remote Sessions lineup and check back frequently as sessions are added to the calendar. In this talk, I’ll walk you through—with live demos, examples, and war stories—what you need to know to defend and attack modern API-based web applications.
The speaker will demonstrate how an API-based application is different and how it’s the same as the traditional web applications you know and love. We’ll also learn about modern tools that can make testing easier and how critical it is to think through all the different security controls at your disposal to mitigate the plethora of threats out there.
Join us as we dive into these questions and discuss:
- How did we get here?
- What’s changed from traditional web applications to SOAP, to modern JSON-based SPA web apps?
- An architectural mental model to understand these threats
- New attacks against Web APIs
- New defenses against modern threats