Name: Cracking the Code: Defending APIs from Business Logic Attacks
Start: 2024-04-03T10:00:00Z
End: 2024-04-03T10:01:00.000Z
Location: BrightTALK
Rating: 4

Imperva is a leading provider of cyber security solutions that protect business-critical data and applications in the cloud and on-premises.

Bad bots are a persistent problem affecting consumers and organizations across industries. As part of our ongoing commitment to helping organizations better understand the challenges and risks associated with automated traffic, we have published the 2024 Imperva Bad Bot Report.

Join our panel of cybersecurity experts, Erez Hasson, Atul Anvekar, and Stephen Dickson, to discover how bad bots force organizations to rethink how they address automated attacks without impacting customer experience.

Attend this session to get:
• Exclusive insights from the 2024 Imperva Bad Bot Report, including the latest 
statistics and emerging trends
• Real-world stories from the frontline battles against bad bots
• Guidelines for detecting and diagnosing bot-related issues in your infrastructure
• Strategic recommendations to safeguard your business from sophisticated bot threats

Battling Bad Bots: The Latest Trends, Stats & Defense Strategies

Confront a growing, modern cybersecurity threat and learn what it takes to build a robust API Security strategy in 2024. With the adoption of APIs continuing to surge,  the importance of securing them has become paramount.  

Join our hosts, Luke Babarinde and Grainne McKeever, as they dive deep into API Security. Uncover why API Discovery is a vital component of any strategy to defend against the ever expanding threat landscape and register today to:

• Gain key insights from The State of API Security in 2024 report

• Learn from a real-world API Security case study 

• Explore key elements of a full-stack Application Security solution

Build a Robust API Security Strategy in 2024

In today's rapidly evolving digital landscape, the migration to cloud infrastructure has become pivotal for organizations seeking enhanced resilience and security. However, this shift brings forth new challenges, particularly in safeguarding sensitive data amidst ever-evolving threats like ransomware and generative-AI attacks, alongside stringent compliance regulations such as NIS2 and PCI 4.0.

Enter data-centric security, offering CISOs transformative opportunities to fortify data protection, compliance adherence, and operational efficiency, thereby nurturing deeper trust with customers. Yet, ensuring robust defense mechanisms remains imperative, given the diverse pathways to data, each with its own unique security demands and vulnerabilities.

In our upcoming webinar, "Thales + Imperva: Trusted End-to-end Data Security" Todd Moore, VP of Data Protection at Thales, and Terry Ray, SVP of Data Security and Imperva Fellow for Imperva, a Thales company, will delve into the strategies that empower organizations to unlock maximum value from their data assets amid the complexities of multicloud environments.

Join us as we explore:
• Adopting a data-first approach to simplify data protection and compliance
• Leveraging the combined strength of Thales and Imperva's state-of-the-art data security platforms
• Applying data security across clouds: private, AWS, Azure, GCP, and ensure parity with your on-premises policies
• Harnessing the latest data security innovations for managing sensitive data, detecting threats, and mitigating risks

Thales + Imperva: Trusted End-to-end Data Security

PCI DSS 4.0 is set to disrupt the cybersecurity posture of all online organizations with mandates for stronger authentication, enhanced encryption, and a risk-based approach to security. 
The impact to online businesses is two-fold — companies gain enhanced abilities to safeguard against data breaches and fraud, but will require effort to meet compliance. 

Join industry expert Tari Schreider, a Strategic Cybersecurity Advisor at Datos Insights, as he discusses:
• Improved security with strengthened authentication and encryption 
• Flexible and customized compliance
• Continuous security process with regular updates and testing
• Enhanced customer trust

PCI DSS 4.0 is almost here - are you ready?

Confront a growing, modern cybersecurity threat and learn what it takes to build a robust API Security strategy in 2024. With the adoption of APIs continuing to surge,  the importance of securing them has become paramount.  

Join our hosts, Luke Babarinde and Grainne McKeever, as they dive deep into API Security. Uncover why API Discovery is a vital component of any strategy to defend against the ever expanding threat landscape and register today to:

• Gain key insights from The State of API Security in 2024 report

• Learn from a real-world API Security case study 

• Explore key elements of a full-stack Application Security solution

*This webinar is a recorder webinar specifically targeted for APJ region.

Build a Robust API Security Strategy in 2024 (APJ)

Acompañenos en esta sesión en la cual mostraremos una de las capacidades más recientes para monitoreo de bases de datos cuando los agentes o monitoreo en red no son opción, el monitoreo Agentless en nuestra plataforma DSF.

Imperva Webinar: Auditoría Agentless (Español)

Organisations face the challenge of defending their web applications from increasingly sophisticated attacks whilst helping the business move forward. While traditional security controls, such as bot mitigation and API security, are fundamental, there's a growing recognition of the need for more proactive and internalised security measures. This webinar introduces a modern way of enhancing application security by adopting code-level protection, protecting applications from the inside out.

We will discuss the importance of providing real-time, in-depth defence mechanisms directly within the application's code, offering a critical layer of security that detects and counteracts threats as they occur. The session aims to articulate how code-level security complements your security infrastructure by adding a layer of protection embedded in the application, making it capable of self-defending against known and unknown attacks.

Discover how adopting code-level security can empower your applications to be more resilient against cyber threats, help you deliver production applications faster and ensure the security and reliability of your critical web applications.

Byte Size Security: Protecting Apps From The Inside

Acompañanos en esta sesión para mostrar las capacidades de los agentes para el monitoreo y protección de tus BDs

Imperva Webinar: Auditoría con Agentes

In a recent IDC study, 87% of organizations identified their businesses as well on their way to becoming digital first. Inevitably, there will be a surge in the growth of sensitive data and workloads to fuel new applications, services, and tools distributed across hybrid and multicloud environments that not only engage customers, but also increase business efficiencies.

If your organization is in this growth cycle, your IT and security teams will need to rethink the state of your data security strategy from multiple perspectives including preventing a breach, proactively planning to limit risk, and adhering to data privacy and industry regulations.

In this webinar, you will learn:
- Key considerations for building a multicloud data security strategy
- Best practices to extend data protection to all data no matter where it lives.
- How Imperva DSF is helping organizations like Discovery Inc. save time and resources by making it easier to get the visibility it needs to extend compliance requirements to cloud data.

Before concluding, the speakers will open the discussion to answer questions from the audience. All materials used in the webinar will be available for download after the webinar ends.

IDC Spotlight: Navigating the Surge in Sensitive Data Growth

In an increasingly interconnected and complex healthcare landscape, safeguarding patient data has become a paramount concern. Healthcare Organizations find themselves at the forefront of the battle against data breaches, as they grapple with the immense responsibility of protecting patients and securing sensitive information. This webinar delves into the key aspects of healthcare data security and potential areas for improvement that are vital for maintaining patient trust.

Join us for this informative webinar, where we'll bring together experts Salwa Rafee, Cybersecurity Senior Executive, and Terry Ray, SVP Data Security CTO to discuss the threat landscape and best practices to avoid data breaches that can impact patient care.

Key Topics to Be Explored:
- How vulnerable is healthcare to cyber threats? Looking back and ahead ..
- Prime targets: Protected Health Information (PHI) and Personal Identifiable Information (PII) data while transmitting, sharing and storing
- The crucial role of data visibility, risk assessments and audits 
- Best practices for identifying unauthorized data access, patterns, and anomalies

Discover actionable strategies and insights that can enhance your organization's data protection measures and ensure the safety and privacy of patient information. Don't miss this opportunity to stay at the forefront of healthcare data security.

Safeguarding Patient Data: Navigating the Future of Healthcare Data Protection

Acompáñenos a revisar nuestra estrategia de aseguramiento y auditoría de datos en entornos híbridos y multinube, incluyendo nubes públicas, privadas y locales.

Imperva Webinar: Estrategia de protección de datos multinube

Les données et les API constituent aujourd’hui des angles morts majeurs en termes de sécurité et sont de plus en plus exploitées dans le cadre d’attaques supplychain.

En effet, selon Gartner, d'ici à 2024, l'utilisation abusive des API et les violations de données associées doubleront. 

A l’aube des évolutions réglementaires de NIS2, découvrez les pratiques de sécurité que vous devez adopter pour vos données et API dans un environnement sur site, hybride et/ou multicloud. 

Ce webinar vous permettra d’en savoir plus sur NIS2, les méthodes et outils de sécurité tels que la découverte et la classification, l’analyse des vulnérabilités, et l’analyse comportementale.

Sécurisez vos applications, vos API et vos données pour vous conformer à NIS2

Application modernization is an important journey that can unlock a world of new 
business opportunities. But there is a downside. This effort can inadvertently expose 
your organization to new vulnerabilities that cybercriminals are ready to exploit.

Join our cybersecurity experts as they reveal how the shift from legacy systems to modern applications can increase exposure to business logic abuse. This webinar will provide valuable insights into mapping your threat landscape, how to identify potential security gaps, and tips for crafting an effective defense strategy.

Some topics we’ll cover:

• Real-world strategies for mitigating modernization risks
• Practical tips to defend against business logic attacks
• Actionable guidelines to strengthen your application security

Mapping the Threat Landscape

Get ready to embark on a journey into the future of cybersecurity! 

Event Highlights: 
Insider Insights: Join industry experts Nitin Ahuja and Daniel Toh as they share their invaluable insights on the latest cybersecurity trends and predictions for 2024. 

Regulatory Roadmap: Navigate the evolving landscape of APJ cybersecurity regulations with a special focus on the key changes expected in 2024. Stay one step ahead by understanding the compliance requirements that will shape the year.

APJ 2024 Cybersecurity Trends and Predictions

IT professionals were forced to reprioritize their approach to application security in 2023, to focus on new CVEs and targeted customer data breaches. Security teams must also adapt to new economic, political, technological landscapes and of course, new threats. 

Join top security experts from our Office of the CTO, Kunal Anand and Peter Klimek, as they provide key cybersecurity trends, insights, and examples to consider going into next year:

• Shift Left has peaked, what’s next for development teams
• Microservices is the new normal - what does that mean for your organization
• AI becomes the great enabler in 2024, bringing huge opportunities and new cybersecurity risks
• Breaches are now mainstream - how you can prepare

2024 Cybersecurity Trends and Predictions

APIs have become the backbone of innovation but they have inadvertently created a wider attack surface for cybercriminals.

Without proper security checks, APIs become playgrounds for attackers. Join us as we uncover a growing, hidden danger: business logic abuse.

Some topics we’ll cover:

• How deep discovery and machine learning can provide full API visibility and monitoring
• How to safeguard your most vulnerable APIs, to minimize business logic abuse
• Essential tools needed for evaluating and mitigating Broken Object Level Authorization (BOLA) risk per current IDOR regulatory guidelines
• Full-stack API Security solution vs. pure-play API Security

Cracking the Code: Defending APIs from Business Logic Attacks

API Security

BOLA

IDOR

Application Security

Business Logic Attacks

Cybersecurity

APIs

Digital Transformation

Machine Learning

Are you an IT service management professional interested in developing your knowledge and improving your job performance? Join the IT service management community to access the latest updates from industry experts. Learn and share insights related to IT service management (ITSM) including topics such as the service desk, service catalog, problem and incident management, ITIL v4 and more. Engage with industry experts on current best practices and participate in active discussions that address the needs and challenges of the ITSM community.

IT Service Management

Cloud computing has exploded over the past few years, delivering a previously unimagined level of workplace mobility and flexibility. The cloud computing community on BrightTALK is made up of thousands of engaged professionals learning from the latest cloud computing research and resources. Join the community to expand your cloud computing knowledge and have your questions answered in live sessions with industry experts and vendor representatives.

Cloud Computing

Increasing expectations for good governance, effective risk management and complex demands for corporate compliance are presenting a growing challenge for organizations of all sizes. Join industry thought leaders as they provide you with practical advice on how to implement successful risk and compliance management strategies across your organization. Browse risk management resources in the form of interactive webinars and videos and ask questions of expert GRC professionals.

IT Governance, Risk and Compliance

The data center management community focuses on the holistic management and optimization of the data center. From technologies such as virtualization and cloud computing to data center design, colocation, energy efficiency and monitoring, the BrightTALK data center management community provides the most up-to-date and engaging content from industry experts to better your infrastructure and operations. Engage with a community of your peers and industry experts by asking questions, rating presentations and participating in polls during webinars, all while you gain insight that will help you transform your infrastructure into a next generation data center.

Data Center Management

The unexpected nature of natural disasters and other disruptive events means that preparation is key to managing disaster recovery and business continuity planning. Join the business continuity and disaster recovery community for live and recorded presentations discussing best practices for business continuity planning, disaster recovery programs and business continuity management. Learn from BCDR experts to develop your critical infrastructure and gain insight into tactical solutions to your BCDR issues.

Business Continuity / Disaster Recovery

Enterprise applications have become a crucial piece of infrastructure for many businesses. The enterprise applications community on BrightTALK features the latest insights in enterprise application integration, enterprise application architecture and EAS software. Join the community to gain access to thousands of videos and webinars presented by recognized enterprise information systems experts and arm yourself with the knowledge you need to succeed.

Enterprise Applications

Practicing business intelligence allows your company to transform raw data into sets of insights for targeted business growth. The business intelligence and analytics community on BrightTALK is made up of thousands of data scientists, database administrators, business analysts and other data professionals. Find relevant webinars and videos on business analytics, business intelligence, data analysis and more presented by recognized thought leaders. Join the conversation by participating in live webinars and round table discussions.

Business Intelligence and Analytics

Network infrastructure professionals understand that a reliable and secure infrastructure is crucial to enabling business execution. Join the network infrastructure community to interact with thousands of IT professionals. Browse hundreds of on-demand and live webinars and videos to learn about the latest trends in network computing, SDN, WAN optimization and more.

Network Infrastructure

As an IT professional, many of the problems you face are multifaceted, complex and don’t lend themselves to simple solutions. The information technology community features useful and free information technology resources. Join to browse thousands of videos and webinars on ITIL best practices, IT security strategy and more presented by leading CTOs, CIOs and other technology experts.

Information Technology

Thousands of healthcare IT professionals compose the health IT community on BrightTALK. Learn alongside them with relevant webinars on healthcare IT compliance, big data in healthcare and IT solutions for healthcare organizations. Join the conversation by asking questions and engaging with other participants during live webinars and organized discussions.

Cracking the Code: Defending APIs from Business Logic Attacks

Presented by

About this talk

More from this channel