Thursday, August 19, 2021

Time to Break the Vicious Circle: Inject Security into API Development!
Join on Hopin
Isabelle Mauny
Isabelle Mauny
42Crunch, co-founder and Field CTO

Each time we talk to our customers, the same story repeats. Hundreds of APIs are being built by agile development teams, released several times per week, with limited consideration for how secure they will be. AppSec teams play a constant game of whack-a-mole, trying to patch issues in production, issues which occur because they could not test and review the APIs as they were published. Too many changes, too little time, very few resources.
How do we break this vicious circle ?
This talk is inspired by my experience working with many large enterprises, helping them engrain security into their APIs lifecycle and changing their development culture. I will share the lessons learned as we worked together on breaking the habits that led to 1 billion of data records leaked via APIs in the last 12 months alone. We will use real data breaches to illustrate the mistakes that lead to those security issues and explain how to address them by changing the way you design and develop your APIs.