API Security Best Practices & Guidelines

Modern enterprise and consumers are increasingly adopting APIs, exceeding all predictions. It has become the ‘coolest’ way of exposing business functionalities to the outside world. This increase means you need to be more aware of API security. Both public and private APIs need to be protected, monitored and managed. API security has evolved a lot in the last five years and the growth of standards has been exponential. By following best practices when securing APIs, you will be able to wade through the weeds and keep the bad guys away while reaping the internal and external benefits of developing APIs for your services. This workshop will guide you through the maze of API security options and share industry-leading best practices when designing APIs with rock-solid security.

Who should attend?
Solution architects and developers who want to learn how the WSO2 platform can help you protect your precious business APIs.

Agenda
Managed APIs
OAuth 2.0
API Security Patterns
Introduction to WSO2 API Manager
Introduction to WSO2 Identity Server
Using WSO2 platform to build API security patterns

Presented by: Prabath Siriwardena, Senior Director - Security Architecture, WSO2

Prabath Siriwardena (@prabath) is the Senior Director of Security Architecture at WSO2 having more than 10 years of industry experience in designing and building critical Identity and Access Management (IAM) infrastructure for global enterprises, including many Fortune 100/500 companies.

Prabath spent most of his time in last ten years with the WSO2 IAM team, in developing the open source WSO2 Identity Server (Apache 2.0 license), which is used by hundreds of top companies globally, hundreds of Universities in USA and Canada, and also within the open source communities. WSO2 Identity Server serves more than 50 million identities globally.

As a technology evangelist, Prabath has published four books [https://www.amazon.com/author/prabath], including the one on Advanced API Security. He blogs at http://blog.facilelogin.com on various topics from blockchain, PSD2, GDPR, IAM to microservices security. He also runs a YouTube channel at http://vlog.facilelogin.com to educate the public on various topics related to IAM. Prabath has spoken at numerous conferences including RSAConference, Identiverse (Cloud Identity Summit), European Identity Conference (Keynote 2015), Consumer Identity World (Keynote 2018), API World, API Strategy & Practice Con, OSCON and WSO2Con - and travelled the world conducting workshops in evangelizing WSO2 technologies. He is also the founder of the Silicon Valley IAM User Group, which is the largest IAM meetup in the San Francisco Bay Area.