Your developers are using APIs everywhere. But are your APIs secure? Statistics demonstrate that 95% of companies have experienced attacks targeting their usage of APIs in their modern applications, and this is most likely a concern for you. And yes, it’s likely keeping you up at night.
When using other people’s code–via APIs–how do you make sure you’re not using, directly or indirectly, vulnerable APIs? There are good security approaches and best practices that start at the API code level. But the bigger question is, “do your developers know what those practices are?” Security and threat intelligence must play a role within each part of the API lifecycle to stay ahead of the curve.
In this talk, you’ll hear from Steve Boone, Head of Product Management at Checkmarx, where he will dive deep into the following topics:
· How to shift security testing as far left as possible to create secure APIs on every pull request
· How to focus your developers’ efforts and attention on where the vulnerable API lives
· New ways to prioritize vulnerability remediation based on APIs handling of sensitive data
· Where best to correlate API security with SAST results to enhance vulnerability context