Why you should hack your own APIs

NOTE: The following will be in effect and mandatory for this meeting venue.

• RSVPs will close at 11:59 PM PT on Monday, August 25th, so kindly submit your RSVP by then. Walk-ins will not be permitted.
• Google Security mandates that RSVPs include your full name (in Meetup settings) and that you bring your ID, which will be checked at the entrance to match your RSVP.
• If your first and last name do not appear in our admin view, we will contact you.
• Alternatively, feel free to reach out directly or email us at orange-county-leaders@owasp.org to provide that information or any questions you may have regarding the event.

Parking
Park in the public garage structure next to the building. We will be providing paid tickets for exiting the garage.

Abstract
APIs power virtually every web and mobile application, accounting for over 80% of all Internet traffic. And APIs are under attack. Gartner states APIs have become the “most frequent attack vector," resulting in hundreds of highly successful, high profile breaches. This API security presentation covers 1) why attackers love APIs, 2) real-world breaches (and how they map to the OWASP API Security Top 10), and 3) best practices to keep APIs secure.

Bio
Dan brings over 20 years of cybersecurity experience with executive leadership roles at APIsec, Qualys, Anomali, ArcSight and others. He’s led Product Development, Sales teams, and Marketing at startups and publicly traded companies. Dan is the co-founder of APIsec University - a site that offers high quality, no cost courses on API security risks and best practices. APIsec University now has over 120,000 students, covering over 80% of the Fortune 100. Dan has earned engineering degrees from Rensselaer Polytechnic and Cornell University, and an MBA from University of Michigan.