Loading…
This event has ended. View the official site or create your own event → Check it out
This event has ended. Create your own
View analytic
Tuesday, January 27 • 2:45pm - 3:45pm
API = Authentication's Poorly Implemented

Sign up or log in to save this to your schedule and see who's attending!

Who doesn't love a robust, easy-to-use, well-documented API? The ability to plug right into an application, a service, an infrastructure, especially in a secure way, is a marvelous feeling. But, what about those mild (and not so mild) oversights? Implementation flaws? Security bugs? Legacy APIs being "integrated" with new, flashy RESTful APIs?

In this talk, we'll highlight some real-world examples of web-related API security problems, notably surrounding authentication and authorization issues in targets ranging from a big online payment shop to an embedded device's backend infrastructure (and a slew of things in between).

Speakers
avatar for Zach Lanier

Zach Lanier

Security Researcher, Accuvant Labs
Zach Lanier is a Senior Research Scientist with Accuvant Labs, specializing in various bits of network, mobile, and application security. Prior to joining Accuvant, Zach most recently served as a Senior Security Researcher with Duo Security. He has spoken at a variety of security conferences, such as Black Hat, CanSecWest, INFILTRATE, ShmooCon, and SecTor, and is a co-author of the "Android Hackers' Handbook" (Wiley, April 2014).


Tuesday January 27, 2015 2:45pm - 3:45pm
Annenberg Community Beach House: Track 1 415 Pacific Coast Hwy, Santa Monica, CA 90402

Attendees (18)