OWASP Houston Chapter Meeting January 2024 - The Rise of API-Led Cyberattacks

Presentation: The Rise of API-Led Cyberattacks

API-led cyberattacks lead to data breaches, customer data leaks, and privacy-driven lawsuits around the world, which means protecting all APIs is mission-critical. Traditional tactics like web application firewalls won’t work for APIs because they have limits to the level of protection they can provide. The challenge of securing APIs is due to two things. First, APIs are built differently making them harder to protect for traditional security solutions looking just at the network layer vs the source code and two teams don’t have the right tools required for full API discovery to truly know what APIs are in use.

Join Dr. Anirban Banerjee as he discusses:

• Why API security efforts need to incorporate both 3rd party and internal API traffic
• What’s causing the surge of API-led attacks
• Why have traditional tools not maintained the sophistication needed to protect APIs in flight
• Why teams need to locate and catalog every single API for true auditability
• Q&A