Thu, Jan 29 · 8:00 PM SST
OWASP Singapore Chapter, together with Practical DevSecOps, is hosting a free Mini API Security Hands-On Workshop focused on real-world API security testing and defense.
This is a 90-minute live, hands-on workshop designed for developers, security engineers, and anyone interested in understanding how API vulnerabilities are discovered and mitigated in practice.
### Event Details
- Date: 29 January 2026
- Time: 8:00 PM SGT onwards
- Mode: Online
- Access: Workshop links will be shared with registered participants
### Workshop Overview
This session is entirely hands-on. There are no slides. Learning happens through whiteboard explanations, live demonstrations, and guided exercises in a controlled lab environment where participants can practice along.
The workshop provides practical exposure to API security from both an attacker's and a defender's perspective, using industry-standard tools and realistic scenarios.
### What you will learn
- Work directly with APIs to understand common security flaws and defenses
- API authentication mechanisms including HTTP Basic, API Keys, OAuth, and JWT
- Enumeration and exploitation techniques using tools such as FFUF
- Exploitation of critical API vulnerabilities including insecure deserialization and path traversal
- Defensive techniques using automated scanning tools
- Implementing security controls such as rate limiting
The session concludes with a focus on defensive API security, helping participants understand how to identify issues early and apply effective protections.
### Hands-On Lab Environment
All exercises are conducted in a dedicated Practical DevSecOps lab environment that runs entirely in the browser. It works smoothly on laptops, notebooks, and even iPads, with no additional software required.
### Who should attend
- Developers building or consuming APIs
- Security engineers and penetration testers
- DevSecOps practitioners
- Anyone looking to gain practical API security skills
Participants will leave the workshop with actionable, hands-on experience and skills they can immediately apply to secure APIs in real-world environments.