Past Meetup

Jim Manico: API/Webservice/REST Security


Every 2nd Wednesday of the month until August 13, 2019

Location image of event venue


5:30-6:00: Food, Soda, Beer and Networking

6:00-6:15: Announcements

6:15-7:45: API/Webservice/REST Security

API's are built on the foundation of the same technology that is used to build web applications. Therefore, many of the standard web security defenses will apply when building webservices. However, stateless and other specialized patterns make defending API's different than normal web security in some regards. Access control, request forgery, session management, and other security layers, while familiar, often require different security designs in API's. This module will review these needed security patterns as well as review a host of other specialized attacks and defenses that developers need to be aware of when building secure API's.

About Jim Manico

Jim Manico is the founder of Manicode Security where he trains software developers on secure coding and security engineering. He is an investor/advisor for Signal Sciences and BitDiscovery. Jim is also a frequent speaker on secure software practices, is a member of the JavaOne rockstar speaker and Java Champion community and is the author of "Iron-Clad Java: Building Secure Web Applications" from McGraw-Hill and Oracle Press. Jim also volunteers for the OWASP foundation where he helps build application security standards and other documentation.

You can find Jim on Twitter at @manicode (

7:45: Door Prizes

* IntelliJ IDE License (
* Pluralsight Subscription provided by DevelopIntelligence (

8:00: After Meeting Networking

After meeting networking sponsored by Okta ( We meet at Ale House at Amato’s [masked]th St, Denver, CO 80211).