API Security - Implementing API Security by Design

Jan 30, 2024

In this video, Frank Kilcommins from SmartBear and our special guest, José Haro Peralta, author of "Microservice APIs", demonstrate practical steps, workflow tricks, and the essential tools you need to beef up your API security from start to finish, including design and development.

They recap the initial Security-By-Design session, covering OWASP risks, AuthNZ nuances, and common design vulnerabilities, before going on a hands-on walkthrough of delivering an API with security in mind from the get-go!

They also review some popular public APIs and screen the API design definitions for security vulnerabilities! You’ll be surprised by what they find.

0:00 Intro

2:40 Agenda

4:47 Recap on API Security, AuthNZ, Design pitfalls

8:53 Security By Design for APIs

14:07 Security Review of Popular Public APIs

19:31 Delivering an API with solid Security practices

30:05 Reviewing our API Design to improve security posture

50:02 Hardening our code implementation based on improved secure design

01:14:30 Deployment considerations for API security

01:23:16 Q&A