E-COMMERCE: API Security & Bot Protection - What you NEED to know

As APIs increasingly become the key component behind most mission-critical business, security has become paramount. With organisations no longer having defined perimeters and the application stack constantly evolving, the opportunities for attackers to manoeuvre under the radar are increasing.

Gartner states that “By 2022, API abuse will be the most frequent attack vector resulting in data breaches for enterprise web applications”

In this OPTIMISE MeetUp we take a deep dive in agile security solutions that keep your APIs secure at all time without leaving gaps for attackers to sneak in and looking at some cool tech too!

Here's what to expect:

• How to detect targeted and prevent attack attempts at source

• APIs' Security in the age of E-Commerce first

• How to gain full visibility to your APIs (discover all your APIs so you know exactly what data and actions flow through them across your entire environment)

• Remediate and Eliminate the Risk (leverage each attacker as your personal pen-tester to pinpoint weak spots in your APIs before they become a vulnerability)

• Some cool tech!

Please be aware that the agenda is updated on a regular basis
____________________________________________________________________________________
Cool Tech Breaks include

Arkose Labs
Technology that identifies and eliminates malicious users before they have the opportunity to steal and transfer funds. The prevention solution that guarantees attack remediation with a 100% SLA.

Salt
Detect and prevent API attacks with the power of AI. Deploys in minutes. No configuration required. Ever.
______________________________________________________________________________________

The evening will include brain fuel, aka, pizza and drinks. Come armed with your questions and opinions - the more we share the more we gain!

______________________________________________________________________________________

CONTRIBUTORS

Dinis Cruz
CISO
Photobox
_______________________________________________________________________________________

Inon Shkedy
API Security Project Lead
OWASP

The Changing Battleground of Application Security

Modern applications are much different from those we built just a few years back. As an example, today's web, mobile and IoT applications are much more reliant on APIs to enable functionality, extensibility and integrations with other applications. The increased usage of APIs by developers combined with the uniqueness of each API is forcing us to rethink how we secure today's applications.

In this session you'll learn more about the security implications of modern applications and APIs including:
- Why traditional vulnerabilities like SQLi and XSS are less relevant in modern applications
- How attackers exploit new API vulnerabilities and why traditional approaches can't stop them
- Why we need an OWASP Top 10 for API security risks
_______________________________________________________________________________________

Steven Puddephatt
Senior Engineer
GlobalDots
____________________________________________________________________________________