Name: How to Mitigate the OWASP Top 10 Risks: Part 3
Start: 2022-12-06T18:22:00Z
End: 2022-12-06T18:22:30.000Z
Location: BrightTALK
Rating: 5

Leading companies worldwide choose Akamai to build, deliver, and secure their digital experiences — helping billions of people live, work, and play every day. Akamai Connected Cloud, a massively distributed edge and cloud platform, puts apps and experiences closer to users and keeps threats farther away. Learn more about Akamai’s cloud computing, security, and content delivery solutions.

Last year, nearly one-third of web attacks targeted APIs. Join us for a live webinar as we reveal the findings from our latest State of the Internet (SOTI) report, 'Lurking in the Shadows: Attack Trends Shine Light on API Threats', and learn:

•        The latest API attack techniques
•        Regional trends
•        Real-world lessons
•        Advice around security implementations and active threats

State of the Internet: API Security

As risk to APIs grows and the attack surface expands with every new API, the conversation around API Security is more critical than ever. The 2024 API Security State of the Internet (SOTI) report showcases new insights into the attacks targeting APIs, which constitute 29% of web attacks over the past year.
Join guest speaker, Forrester Principal Analyst Sandy Carielli and Giora Engel, VP of API Security at Akamai as they deep dive into the types of attacks, extending beyond the OWASP API Security Top 10, and their implications across different industries and regions.
Is this webinar you will:
Understand real-world API Security threats
Identify impactful API attack trends
Gain visibility into the life of an API
Discover the principles of effective API security
Our experts will guide you through the necessary steps to demystifying threats facing your API landscape and fortifying your security posture without having to revise your existing infrastructure. Register now.

Around the World with APIs: Understand API Attacks Anywhere

Despite the complexity of algorithms and advanced security protocols, API security often fails to consider the sophisticated intersection of AI and API security. We will bridge this gap in our upcoming episode, ""Rise of AI Assisted API Attacks,"" by highlighting how emerging AI technologies can be harnessed to enhance protection against these modern threats.

This session will guide attendees through the latest trends in AI-driven attacks, how attackers are using AI to attack APIs, and tips and tricks from our Threat hunting team on how they use automation to combat these fast growing threats.

Ep. 5 - Rise of AI Assisted API Attacks

Think your site isn't vulnerable to web scraping attacks? Think again. Malicious actors are eager to compromise your webpage scripts to gain access to customer credentials or credit card information. According to Akamai research, 50% of commerce customers use 3rd party scripts, which can be vulnerable to Magecart style attacks. In this session, we'll discuss the latest PCI DSS 4.0 requirements for script protection so brands can better identify, monitor and manage suspicious and malicious script behavior.

Commerce Chats: Make a Fast Break Toward PCI Script Compliance

In today's digital-first world, the speed and security of visual content delivery can make or break customer experience. With one in four visitors abandoning a website if it takes more than four seconds to load, optimising visual assets such as images and videos for omnichannel delivery becomes a key differentiator. Join us for a fireside chat between two leading product innovators from Scaleflex and Akamai, as we dive into the complexities and solutions around managing, optimising, and securely delivering product assets across multiple channels such as online stores and marketing channels.

Key Takeaways:

- Learn how to streamline your visual content workflow at scale
- Leveraging AI to maximise the ROI of each visual asset 
- Optimise Media for Omnichannel Delivery

Join us as we unlock the secrets to preparing your visual assets for the dynamic demands of today's omnichannel landscape. Don't miss this opportunity to learn from the experts and network with peers facing similar challenges in the e-commerce industry. 

Speakers:
- John Bradshaw, Director of Cloud Computing Technology and Strategy EMEA, Akamai
- Emil Novakov, Co-Founder & CEO, Scaleflex

Fast and Secure Omnichannel Delivery of Media Assets with Scaleflex

In an era where data breaches and cyber threats loom large, safeguarding sensitive information within APIs stands as a paramount concern for organizations. Join us as Menachem Perlman, our Director of Solutions Engineering discusses the pivotal significance of secure data storage within API frameworks.

Join us in the first episode of our new monthly series on API Security, Join us to gain actionable insights and practical strategies for enhancing your API security posture through robust and secure data storage practices.

Don't miss this opportunity to fortify your organization's defenses and ensure the integrity of your API-driven operations. Register now for the series.

Ep. 1 - The Importance of Storing Data in Your API Security Strategy

APIs power interoperability and data exchange that leads to better clinical and financial outcomes across the healthcare ecosystem. But globally, innovations and regulations around APIs have also given rise to new cybersecurity challenges. In this talk, Akamai experts will share recent research findings from the new API Security State of the Internet Report (SOTI), use cases, and best practices to safeguard healthcare infrastructure. 

Attendees will learn:
   - The critical aspects of API security
   - How to identify and mitigate blind spots, including shadow or rogue APIs
   - How to evaluate healthcare-specific risks to fortify your security strategies

How Healthcare Can Balance the API Revolution with Cybersecurity Vigilance

Explore the lifecycle of an API with a focus on evolving security measures in episode 4 in the “If An API Could Talk” series. We will showcase how adopting a strong API security program leads to many different lenses of visibility including discovery, risk audits, and behavioral detection.

Gain insights through our recent State of the Internet report, real-world case studies on overcoming breaches and enhancing incident response. Join us to master API security best practices and stay ahead in the digital landscape.

Ep. 4 - A Year in the Life of an API: Chronicles of Security Evolution

A recent Forrester Consulting study commissioned by Akamai shows that cloud costs, complexity, and regional challenges are still top of mind for media and entertainment leaders. Other concerns include:

• 67% said their organization’s legacy systems are holding them back
• 48% cited concerns with geographical challenges, such as data sovereignty and localization
• 48% said the volume of their online processing needs limit their flexibility

Sign up today for a live webinar on April 25 to learn more about the study. The webinar will feature Akamai Cloud CTO, Jay Jenkins and Zeck Lim, Regional Sales Director from Hydrolix

How media companies are adapting to distributed cloud computing

A look at 2023’s cyber trends and what’s to come Embark on a journey through the cybersecurity landscape of 2023 with Akamai’s Security Intelligence Group. Our exclusive webinar will delve into key developments highlighted in our recently published State of the Internet (SOTI) A Year in Review report. 

What to Expect:  
- Gain valuable insights from Steve Winterfeld's frontline observations.  
- Discover Roger Barranco's perspectives from our Security Operations Command Centers.  
- Delve into Tricia Howard's exploration of the Outlook bypass vulnerability.   

Why Attend:  
- Uncover the impactful cyber trends that shaped 2023, from Magecart advancements to JWT vulnerabilities.  
- Equip yourself with lessons learned to navigate the evolving cybersecurity landscape in 2024.   

Join us for an engaging session where our SOTI report authors share their favorite security stories from 2023. Don't miss out on this opportunity to stay ahead in the ever-changing world of cybersecurity!

State of the Internet: A Year in Review

Explore the evolving landscape of compliance through our interactive webinar, focusing on the new PCI DSS 4.0 standards. In this session, Mark Carrizosa, our esteemed Director of Information Security and owner for the Akamai Global PCI program, takes on the auditor's role in a simulated live audit, while Chris Trynoga simultaneously demonstrates how Akamai Guardicore Segmentation adeptly navigates the evolving compliance challenges of PCI 4.0. This webinar aims to clarify and simplify the complexities involved in adhering to the new standards, offering an in-depth examination of the procedures and tactics for seamless compliance navigation. 

Gain hands-on experience with the most current compliance strategies and acquire thorough knowledge on the critical elements of PCI DSS 4.0, all through a mix of expert discussions and real-time demonstrations. Whether you're new to the compliance scene or a veteran looking to update your practices with the newest standards, this webinar is designed to elevate your understanding and application of compliance measures.

During the session you will::
- Understand the nuances and requirements of PCI DSS 4.0 from experienced professionals. 
- Learn how to leverage Akamai Guardicore Segmentation for efficient and effective compliance with the latest standards. 
- Enhance your understanding of PCI DSS 4.0 and how to apply it to your compliance efforts.

Note: The simulated audit scenario presented is designed for educational purposes to illustrate proactive compliance strategies with PCI DSS 4.0. Individual results may vary.

Ready, Set, Comply: Gearing Up for PCI DSS 4.0 Compliance

Are you spending a third of your cloud infrastructure budget on observability? Do you have to discard certain data to keep costs down? Bid farewell to painful tradeoffs.  

Introducing TrafficPeak on Akamai Connected Cloud. A managed observability service powered by Hydrolix software.

With TrafficPeak, you can:

•       Ingest and retain all your data, no matter the size, for years.
•       Enjoy significant cost savings compared to other observability providers.
•       Optimise your budget while maintaining robust data capabilities.
•       Attain complete visibility into the performance and security of your applications and infrastructure.
•       Proactively address potential issues to prevent them from evolving into business disruptions.

How Observability Can Proactively Safeguard Your Customer Experience

As the reliance on APIs continues to surge, so does the scale of security threats aimed at exploiting data vulnerabilities. These threats highlight the need for effective data protection methods. Data tokenization and data encryption stand out as key techniques, each offering unique benefits and applications.

In our upcoming webinar, we'll closely examine these strategies, emphasizing the critical role of tokenization in safeguarding your API data.

Join us to explore the essentials of API data protection and discover the importance of tokenization in creating a robust security strategy. We'll demonstrate how tokenization ensures the safety of your data, maintaining its confidentiality, integrity, and accessibility in our digital era.

Ep. 3 - The Importance of Data Tokenization Over Traditional Encryption

Are you concerned about not having complete visibility into all application dependencies across your new cloud deployments?
If so, you’re not alone. Visibility is a top concern for organizations looking to enhance their cloud security and create consistent policies across their hybrid infrastructure. 

In this webinar, we'll demonstrate how network security professionals can effortlessly manage segmentation across public cloud environments and on-premises data centers through a single console, achieving:
1. Faster time to policy deployments
2. Single network governance across data centers and cloud
3. Reduced management complexity.
4. Compliance to regulations specific to the cloud

During the session you will learn:
- How advancements in microsegmentation can allow you to protect more with less
- Key use cases for cloud segmentation
- How visibility that encompasses on-prem and cloud workloads enables more efficient security policies
- A demo walkthrough of cloud segmentation so you can see it in action.

Why Segmentation is Crucial to Contain Breaches in the Cloud

Securing customer data and privacy is as important to service providers as delivering fast, reliable internet. Customer satisfaction and business stability depend on it, and standards like PCI DSS 4.0 and other regulations mandate it. Security is a continuous process because hackers never sleep—new approaches are needed to defend against new attacks, and offer more flexibility to achieve security objectives.

This webinar will discuss Akamai’s Microsegmentation. It’s an emerging security best practice that offers several advantages over more established approaches to provide your organization
comprehensive protections for business applications. Focused on pre-breach and the time during a breach, we’ll discuss the steps for proactive hardening through a layered approach to security, as well as what you should do if you are experiencing a breach.

Join Akamai experts as they discuss microsegmentation, and hear from a leading ISP about why they chose the Akamai solution, and how it meets their requirements.

A New Way for Carriers to Stay Secure and Navigate Compliance

Recognizing vulnerabilities in even the best-designed APIs.

Do you know that even the most well-designed APIs can be abused? Organizations invest resources in designing robust and efficient APIs to meet the demands of a connected world. However, a stark reality remains: Even the most meticulously crafted APIs are not immune to abuse.

Join our API security experts on Wednesday, December 13, as we discuss API abuse and the fact that no API, no matter how well designed, is safe. We will cover:
- The anatomy of real API abuse
- A deep dive into common attack vectors such as injection attacks, credential stuffing, and data scraping
- API threat hunting tactics Register now and start protecting your APIs from abuse.

Register now and start protecting your APIs from abuse.

Guarding Against API Abuse

Organizations face a major decision about their cloud computing strategy. Should you continue with your current cloud architecture and tools, even if it is not meeting customers’ needs? Or should you adopt a different approach, which is more open and distributed, swapping out a platform-centric approach for one that is cloud native?

In our webinar, three cloud computing experts discuss these topics and others relating to the pros and cons of different cloud computing models.

What to expect:
• Gain valuable insights from the observations on current and future cloud and edge computing trends.
• Learn about where each panelist is on their cloud journey, where they plan to head next in 2024, and why.

Why attend?
• Hear about the benefits of a distributed cloud computing model.
• Discover more about the current and future uses of edge computing.
• Find out about the differences between a platform-centric versus a cloud-native approach.

Join us for a lively and engaging discussion.

Speakers:
• Dolo Miah, CTO, Linebreak
• Mike Kasprzak, Co-Founder, Ludum Dare
• Jay Jenkins, CTO, Cloud Computing, Akamai
• China Martens, Cloud Marketing, Akamai (Host/Moderator)

State of Cloud:  2024

Application Security for Billions: Lessons Learned from Securing Web Apps and APIs at Internet Scale

Whenever you hear people talking about web and application security, you’ll often learn about the latest way to make sure you’re not ingesting user supplied input the wrong way, or how to write secure code to prevent cross site scripting, etc. 

But, have you ever wondered what it’s like to secure business critical websites, and the ever-evolving growth of API’s and bespoke applications that are developed every day across thousands of websites in dozens of countries around the world?

In this webinar, Tony Lauro, Akamai’s Security Technology and Strategy Director, will cover:
- What defenders are doing at scale to defend the evolving threats targeting websites 
- Methods for cutting out the noise of benign, but annoying vulnerability verification requests
- Best practices for managing large scale security configurations
- Some of the ways that defenders are winning against these unimaginable odds, as well as how attackers are targeting these very same applications hoping to bypass security by obscuring their attack techniques

Lessons Learned from Securing Web Apps and APIs at Internet Scale

How to Mitigate the OWASP Top 10 Risks: Part 2

How to Mitigate the OWASP Top 10 Risks: Part 1

How to Mitigate the OWASP Top 10 Risks Series

The Open Web Application Security Project or OWASP is a nonprofit organization that works to improve the security of software. The organization produces a top ten list of what is to be considered the most critical web application security risks along with their remediation guidance. Akamai has taken that list and explored how Akamai’s suite of cybersecurity solutions can help mitigate those top 10 vulnerabilities.  

Join Akamai Director of Security Technology and Strategy, Sean Flynn and Principal Technical Account Manager, Rob Higgins as they delve into the last risks on the top ten list, sharing how Akamai can help organizations protect these vulnerabilities. They will also share key takeaways from the most recent publication of the OWASP top ten list. In this webinar, you will learn about the following risks:
• A08: Software and Data Integrity Failures 
• A09: Security Logging and Monitoring Failures
• A10: Server-Side Request Forgery

How to Mitigate the OWASP Top 10 Risks: Part 3

OWASP

Web Application Security

APIs

Monitoring

Security

Security Logs

Akamai Technologies

Application Security

Cyber Security

Vulnerabilities

Cloud computing has exploded over the past few years, delivering a previously unimagined level of workplace mobility and flexibility. The cloud computing community on BrightTALK is made up of thousands of engaged professionals learning from the latest cloud computing research and resources. Join the community to expand your cloud computing knowledge and have your questions answered in live sessions with industry experts and vendor representatives.

Cloud Computing

The IT security community on BrightTALK is composed of more than 200,000 IT security professionals trading relevant information on software assurance, network security and mobile security. Join the conversation by watching on-demand and live information security webinars and asking questions of experts and industry leaders.

IT Security

Increasing expectations for good governance, effective risk management and complex demands for corporate compliance are presenting a growing challenge for organizations of all sizes. Join industry thought leaders as they provide you with practical advice on how to implement successful risk and compliance management strategies across your organization. Browse risk management resources in the form of interactive webinars and videos and ask questions of expert GRC professionals.

IT Governance, Risk and Compliance

Enterprise applications have become a crucial piece of infrastructure for many businesses. The enterprise applications community on BrightTALK features the latest insights in enterprise application integration, enterprise application architecture and EAS software. Join the community to gain access to thousands of videos and webinars presented by recognized enterprise information systems experts and arm yourself with the knowledge you need to succeed.

Enterprise Applications

As an IT professional, many of the problems you face are multifaceted, complex and don’t lend themselves to simple solutions. The information technology community features useful and free information technology resources. Join to browse thousands of videos and webinars on ITIL best practices, IT security strategy and more presented by leading CTOs, CIOs and other technology experts.

How to Mitigate the OWASP Top 10 Risks: Part 3

Presented by

About this talk

More from this channel