API Security and Assessment: What They Don’t Tell you in Class
If we can’t easily find and track deployed APIs how do we secure them?
API’s (Application Programming Interfaces) are becoming ubiquitous and they are extremely useful and a great architecture decision delivering flexibility and extensibility of a service but life in the API fast lane is not necessarily a bed of roses.
What they don’t tell in “Fastrack to API nirvana 101” is that APIs have a tendency to proliferate and once they are out there it can be difficult to discover them as APIs are ‘headless’ and don’t have a website or other obvious indicator they exist. Running a simple web scanner against an API simply does not work. A scanner would just hit an initial URL and not know how to invoke or traverse the various API calls. Many APIs are only discoverable if you interact with the endpoint in the correct manner.
Please join Blue Turtle and our technology partner Edgescan for an enlightening session where we will reveal how Edgescan provides continuous API discovery and vulnerability management coupled with false-positive free risk intelligence.
1. Find exposed APIs across an organisation's global estate.
2. Adopt a continuous approach to API security by running regular vulnerability scans against APIs.
3. Achieve absolute confidence in the security of your APIs with penetration testing.
Know your APIs, scan your APIs, test your APIs.
It’s easy with Edgescan.
Chance to win a bottle of Green Spot Irish Whiskey