Skip to content

Details

TOPIC: API Security Hands-on Workshop
Join us for an action-packed hands-on workshop event led by Dan Barahona, Founder, APIsec University.

ABSTRACT: APIs are now the top target for attackers, who exploit logic flaws, authorization gaps, data exposure, and other hidden vulnerabilities. These threats often slip past traditional defenses such as WAFs, code scanners, and testing tools.

This API Security Workshop will feature:

  • An exploration of why APIs are a prime target for attackers
  • Case studies of real-world API breaches
  • A guided review of the OWASP API Security Top 10
  • Proven best practices for securing APIs
  • An interactive, hands-on lab

In this lab, we’ll explore how to conduct comprehensive API testing from start to finish. Participants will gain hands-on experience in manual testing and learn how to accelerate their efforts through advanced automation tools. Together, we’ll tackle the key question: How can AI help us build safer applications while making our organizations more efficient?

What You’ll Need

  • A device for taking notes or following along if you’d like too (laptop ideally)
  • Software Used
  • Firefox
  • Burp Suite Community Edition
  • APIsec - Downloaded from apisec.ai by signing up for a free account.

What We’ll Learn

  1. How modern applications are leveraging APIs
  2. How vulnerabilities are created within those APIs
  3. How we can test for those vulns efficiently and comprehensively

Thanks to our SPONSOR: APIsec University
You can't stop what you can't see
Novel attacks can appear harmless without visibility into the grey areas of your application layer.Stop attacks in your applications and APIs from development to production.

*Vendors interested in sponsoring please send an email to sponsorship.la@owasp.org*

CODE OF CONDUCT
We hope you enjoy the event, we care deeply about inclusivity and diversity so that OWASP is a comfortable and welcoming community for everyone. Please reach out to one of our chapter leaders if you have any feedback/concerns or would like to speak to us, we take these matters very seriously. You can find out more about our policies here:
https://owasp.org/www-policy/operational/conferences-events.html#conference-and-event-anti-harassment-policy

Events in Los Angeles, CA, CA
Computer Security
OWASP
Web Security
Ethical Hacking
Software Development

Sponsors

OWASP - LA

OWASP - LA

sponsorship.la@owasp.org

Wallarn

Wallarn

API Security and AI agents

Contrast Security

Contrast Security

Application Detection and Response for Modern Enterprises

Kodem

Kodem

Helping AppSec Teams Make Security a Priority

Arnica

Arnica

AppSec made simple pipelineless detection and secret mitigation.

Endor Labs

Endor Labs

Secure open source software without the dev productivity tax

DefectDojo

DefectDojo

DefectDojo is the platform and product that enables scalable security

Cato Networks

Cato Networks

One platform to connect all edges, everywhere

Checkmax

Checkmax

Securing the Applications Driving Our World

Mend io

Mend io

equips your dev and security teams with tools to build a mature AppSec

Members are also interested in