
ARU CSNRG, OWASP Cambs & BCS Cybercrime SG “Zero Trust and API Risk Management”

Hosted by Adrian W.

Details

ARU CSNRG, OWASP Cambridge & BCS Cybercrime Forensics SG “A Workshop on Zero Trust and API Risk Management” Webinar
Thursday 2nd December 17:30 – 19:00 – Online

Hosted by the Cyber Security & Networking Research Group, Anglia Ruskin University, OWASP (Open Web Application Security Project) Cambridge Chapter, & BCS Cybercrime Forensics SG
Background

OWASP (Open Web Application Security Project) is a 501(c)(3) not-for-profit worldwide charitable organization focused on improving the security of application software. Their mission is to make application security visible, so that people and organizations can make informed decisions about true application security risks.

The Cyber Security and Networking (CSN) Research Group at Anglia Ruskin University has close working strategic relationships with industry, professional bodies, law enforcement, government agencies and academia in the delivery of operationally focused applied information and application security research. We have strong international links with professional organisations such as OWASP, BCS, ISC2, IISP & the UK Cyber Security Forum amongst others.

The BCS (Chartered Institute for IT) Cybercrime Forensics Special Interest Group (SG) promotes Cybercrime Forensics and its use. It is of relevance to computing professionals, lawyers, law enforcement officers, academics and those interested in the use of Cybercrime Forensics and the need to address cybercrime for the benefit of those groups and of the wider public.

Speaker Biographies & Abstracts

Dr Baljeet Malhotra – TeejLab Founder/CEO - “A Workshop on Zero Trust and API Risk Management”

Bio: Dr Baljeet Malhotra

Dr Baljeet Malhotra is an award-winning researcher known for his work in Open Source and API Data Management. He conceptualized the world's first "API Composition Analysis" based on source code static analysis. He founded TeejLab in 2017 and steered the team to build API Discovery and Security™, the world's first comprehensive end-to-end API Management platform. Prior to TeejLab, he established the R&D unit of Black Duck Software in 2016 (acquired by Synopsys); he has also served as Research Director at SAP. He received a PhD in Computing Science from the University of Alberta and won several awards including NSERC (Canada) scholar in 2005 and Global Young Scientist (Singapore). He concurrently holds Adjunct Professor positions at the University of British Columbia, University of Victoria and University of Northern BC.

Abstract: “A Workshop on Zero Trust and API Risk Management”

Web applications have revolutionized our digital world. 96% of such web applications are built using some Open Source [Black Duck]. Furthermore, 99% of such Open Source based applications contain some Web APIs [TeejLab]. It’s not surprising that Akamai estimated that 83% of the internet traffic today is via Web APIs that connect digital applications at a global scale. The growing API usage impacts organizations both positively (through innovations, newer business models, competitive differentiation, etc.) and negatively (due to security vulnerabilities, business disruptions, legal and compliance issues, etc.). Gartner has predicted that by 2022, API abuses will be the most frequent attack vector resulting in data breaches for web applications. Given the importance of APIs for digital transformation at enterprises, it is imperative for their Security, Compliance and Audit professionals to get a handle on APIs by managing API risks proactively. This workshop will provide an overview of an API Governance framework to manage API security and legal risks. This framework is inspired by the Zero Trust model that enterprises can adopt for effective API Risk Management. We’ll highlight best practices, both manual and automated, with relevant hands-on examples and scenarios.

Provisional Agenda

17:30 - Webinar waiting lobby opens
18:40 - Presentation followed by Questions and Answers
19:30 - Closing
