Name: API Threat Hunting: The Anatomy of an API Attack
Start: 2022-10-05T17:00:00Z
End: 2022-10-05T17:00:42.000Z
Location: BrightTALK
Rating: 5

Neosec is now part of Akamai! Akamai is a global leader in cloud computing and security, and we're confident that this partnership will allow us to take our API security solutions to the next level.

Follow Akamai Technologies to stay up-to-date on the latest API Security news and developments. 


It's almost a certainty that a good pen test or Red Team exercise will find APIs that are out-of-date, misconfigured or not properly managed. Defending these--and establishing a stronger security stance--is difficult, if not impossible, for many organizations simply because they do not know about a considerable portion of APIs they have in use. APIs often come into play directly from departments, business units and even individuals without the knowledge of security or IT. With many of these APIs being invisible to security teams, they are impossible to properly secure. This presentation examines the problem of hidden APIs and how to establish a practice of complete discovery and maintain an up-to-date inventory and knowledge of APIs.

Discovery is the Starting Point for Defending APIs

Enterprises are finally starting to pay attention to application security as theoretical threats to their application infrastructure become reality. For years, security vendors have discussed DevSecOps solutions and the benefits they bring to the mature enterprise, but forecasted attacks on APIs and infrastructure as code (IaC) have put application security in the spotlight. 

As a result, organizations of every size are investing in application security tools, and tools that address every market of every size will have a decisive advantage to exploit this emerging trend. Enterprise Management Associates (EMA) recently surveyed IT professionals, information security practitioners, and technology business leaders across all verticals to discover their attitudes and perspectives toward API security and the tools they are using/evaluating to protect their critical workloads. 

Join Christopher Steffen, Managing Research Director of Information Security at EMA, for an informative webinar that will shed light on the research findings and:

- Measure how far enterprises have come in protecting APIs
- Uncover the challenges they face in trying to secure APIs
- Examine strategies that are in place and are being formulated to defend against these new types of threats

Debunking the Myths Around API Security

Join us in discussing the benefits of an integrated, proactive runtime API security strategy. After discussing the API threat landscape and existing security controls, we will move on to focus on runtime protection of APIs. Using real attacks, we will illustrate where WAFs and WAAPs excel at, and where they fall short and need complementing with dedicated API security solutions.

6 Ways API Security Makes Your WAF Stronger

Today, APIs help enable business growth. They are the connective tissue that powers digital transformation. Their adoption is widespread, with businesses continually opening API access to more partners, applications, mobile apps, and IOT devices. But how are organizations expected to protect this ever-changing API estate? How do you know what is good and bad behavior on each API your organization uses? This API blindspot is becoming the biggest security problem for today’s businesses.

The API Blindspot

APIs are powering business innovation. But the fast pace of digital transformation is too often at the expense of protecting the business from security threats. By their nature APIs expose key business critical processes and it is vital to protect them following best practices for API security. Kong and Neosec have partnered to bring API security integrated within Kong’s Enterprise Gateway.

Is this webinar you will:
- Understand How Kong and Neosec approach API security
- Review common API security concerns
- Learn about common abuse cases
- Watch the integration between Kong and Neosec

Leveling Up Your API Gateway with Advanced Threat Protection Featuring Kong

Today, APIs help enable business growth. They are the connective tissue that powers digital transformation. Their adoption is widespread, with businesses continually opening API access to more partners, applications, mobile apps, and IOT devices. But how are organizations expected to protect this ever-changing API estate? How do you know what is good and bad behavior on each API your organization uses? This API blindspot is becoming the biggest security problem for today’s businesses.

In this talk you will learn:
- The scope of the business problem of API abuse.
- Where traditional security products fail.
- How mature is your organization on understanding API security issues.
- How to prepare your organization and adopt API security best practices.

About the presenter:
Giora Engel, Co-founder and CEO
Giora is a two-time entrepreneur. Prior to founding Neosec, he was VP Product Management at Palo Alto Networks after his first company LightCyber was acquired. He served as an officer in the elite technological unit in the Israel Defense Forces, where he pioneered the development of cyber technologies.

What you need to know about protecting your APIs

This session is for security practitioners seeking a deep dive into API security. If you have threat hunters on your team, invite them to get real-world insights straight from our Neosec Threat Research Lab.

Join our API security experts on for a webinar and Q&A hosted by Neosec’s Head of Threat Research, Tal Leibovich, and VP of Field Engineering, Menachem Perlman. 

What you will learn: 
-    Common API security problems
-    The anatomy of real API attacks
-    API threat hunting tactics
-    How to expand your team's API security expertise
-    New developments in API security 

Don’t let your security team miss out. Forward this webinar to your team and peers who would be interested.

API Threat Hunting: The Anatomy of an API Attack

APIs

Application Security

API Security

Threat Hunting

API Management

Web Application Security

IT Security

Cyber Security

DevOps

The IT security community on BrightTALK is composed of more than 200,000 IT security professionals trading relevant information on software assurance, network security and mobile security. Join the conversation by watching on-demand and live information security webinars and asking questions of experts and industry leaders.

As an IT professional, many of the problems you face are multifaceted, complex and don’t lend themselves to simple solutions. The information technology community features useful and free information technology resources. Join to browse thousands of videos and webinars on ITIL best practices, IT security strategy and more presented by leading CTOs, CIOs and other technology experts.

API Threat Hunting: The Anatomy of an API Attack

Presented by

About this talk

More from this channel