Intermediate

API Security: Attack and Defense

Use Coupon 'SKILLSURGE15' to get 15% Off Individual Pro and Pro Plus Annual Plans
Learning Path
Advanced Application Security
Ideal for
Developer
Security Engineer
Pentester
9
Hours
28
Lessons
7
Cloud Labs

“Distributed” is the name of the game today, and web applications are no different. They’re often divided up into smaller ‘microservices’ and work with multiple clients, from browsers and mobile applications to other services.

This has resulted in many older websites becoming APIs, or Application Programming Interfaces. Today, APIs are ubiquitous and companies are adopting, developing, and harnessing their potential at massive scale.

In this API Security course, we take a deep-dive into both offensive and defensive techniques. We explore vulnerabilities that are specific to Web APIs, specifically REST APIs, and look at how these vulnerabilities can be exploited by malicious actors.

Subsequently, we look at defense, where we explore deep-rooted strategies in addressing these vulnerabilities comprehensively. All of these lessons will be taught with the aid of our world-renowned hands-on labs that show you not only what you should do, but how you should do it.

We’ll explore this class through the lens of the now-famous OWASP API Security Top 10 Document that defines the Top 10 API Vulnerabilities that currently affect Web APIs.

You might also like these courses

Or explore these Learning Paths

Labs

PK-based IDOR

Verb Tampering

IDOR Mass Assignment

Casbin with ACL

Input Validation - Request filter

JSONSchema

Excessive Data Exposure

Hands-on. Defensive. Bleeding-Edge.

There's no other training platform that does all three. Except AppSecEngineer.
Get Our Newsletter
Get Started
X
FOLLOW APPSECENGINEER
CONTACT

Contact Support

help@appsecengineer.com

1603 Capitol Avenue,
Suite 413A #2898,
Cheyenne, Wyoming 82001,
United States

Copyright AppSecEngineer © 2023