Top security mistakes with APIs presented at AppSecIndonesia2020 2020

by Shahnawaz Backer

Summary: The talk is the result of an analysis of major security breaches and disclosures related to APIs from 2017 to 2020. We will look at the top vectors of API compromise, such as authentication, authorization and rate limits, and take an in-depth technical look at how hackers gain access to systems by compromising application-level flaws, including mechanisms to crack JSON Web Tokens. The talk will combine breach information with live demos to display the constructs of the OWASP API Security Top 10.