APIs Exposed!

Layla Porter (laylacodesit), a self-taught .NET web developer (and former Pilates teacher and professional horse-rider), will be joining us to discuss APIs.

More and more developers are building APIs, whether that be for consumption by client-side applications, exposing endpoints directly to customers so they can use an alternative front-end or wrapping up services in containers.

Now that we have all these exposed endpoints, what are we doing to secure them? Previously, our monolith was self-contained with limited points of access making authentication and authorisation more straightforward - that’s no longer the case.

We’ll cover the potential risks we may face such as cross-site scripting and BruteForce attacks as well as a look at the possible options for securing API endpoints including OAuth, Access Tokens, JSON web tokens, IP whitelisting, rate limiting to name but a few.

Special thank you to Twilio, who will be sponsoring the meet's pizza, and bringing a big bag of swag to give out.

-----------------

Doors open at 6pm for refreshments and networking, before the formal start just after 7pm. Don't worry if you're unable to arrive before 7pm, we'd rather you arrive late, than not at all.

Following the talk there is a general discussion about the topic at hand, and more time for networking.

We have a Slack channel which acts as a virtual water cooler, allowing you to chat the other members of the group. If you've not already joined, you can do so using the link below:

http://bit.ly/worcsourceslack

If you have any questions or ideas, hit me up on the slack channel.