Back To Schedule
Tuesday, January 27 • 2:45pm - 3:45pm
API = Authentication's Poorly Implemented

Sign up or log in to save this to your schedule, view media, leave feedback and see who's attending!

Who doesn't love a robust, easy-to-use, well-documented API? The ability to plug right into an application, a service, an infrastructure, especially in a secure way, is a marvelous feeling. But, what about those mild (and not so mild) oversights? Implementation flaws? Security bugs? Legacy APIs being "integrated" with new, flashy RESTful APIs?

In this talk, we'll highlight some real-world examples of web-related API security problems, notably surrounding authentication and authorization issues in targets ranging from a big online payment shop to an embedded device's backend infrastructure (and a slew of things in between).

avatar for Zach Lanier

Zach Lanier

Security Researcher, Accuvant Labs
Zach Lanier is a Senior Research Scientist with Accuvant Labs, specializing in various bits of network, mobile, and application security. Prior to joining Accuvant, Zach most recently served as a Senior Security Researcher with Duo Security. He has spoken at a variety of security... Read More →

Tuesday January 27, 2015 2:45pm - 3:45pm PST
Annenberg Community Beach House: Track 1 415 Pacific Coast Hwy, Santa Monica, CA 90402

Attendees (0)