API Security Workshop with OWASP crAPI (hands-on)

In today's rapidly digitalizing world, Application Programming Interfaces (APIs) are the backbone of communication in the vast landscape of web services, cloud applications, and microservices.
With this increased usage comes the inevitable rise of security threats targeting APIs. This workshop aims to arm participants with practical knowledge and hands-on experience to secure APIs effectively.
In this workshop, we will be using OWASP crAPI (completely ridiculous API), a purposely insecure API, to demonstrate common API vulnerabilities and their mitigations. We will discuss the 'Shift Left' approach in API security, emphasizing the importance of integrating security measures early in the development lifecycle. Participants will learn to identify, exploit, and secure API vulnerabilities, equipping them with the necessary skills to build more secure
applications.

Requirements:
1. Active Participation: The workshop will be highly interactive. Questions, comments, and sharing of experiences are strongly encouraged.
2. Laptop: As this is an in-person workshop, please bring along your laptop with any API testing tool installed.
3. Pre-workshop Material: On confirmation of your attendance, you will receive some pre-workshop reading materials. We recommend reviewing these before the event to maximize your learning experience.