From the course: Complete Guide to Application Security
API security distinctions
Historically, we've mostly focused on securing web applications that users interact with directly, but today we're expanding our work into a world of API security. API stands for Application Programming Interface. An API acts as a messenger that allows different applications to talk to each other. It's all about machine-to-machine communication. Now, you might think, if APIs aren't meant for regular users, why should I care about their security? Well, here's the thing. Just because something isn't designed for direct user interaction doesn't mean that certain users can't access it. APIs are often the backbone of web applications, mobile apps, and even Internet of Things, or IoT, applications. And if an API is vulnerable, it can expose sensitive data or allow attackers to take control of critical functionality. Think of an API as a website stripped down to its bare essentials. It has a URL and it listens on a specific port, just like a web server, often port 443, the standard for…
Contents
- API security distinctions (5m 36s)
- OWASP API Security Top Ten (3m 21s)
- Broken object level authorization (4m 59s)
- Broken authentication (4m 44s)
- Demo: Implementing API authentication controls (9m 2s)
- Unrestricted resource consumption (5m 54s)
- Demo: Implementing resource consumption controls (8m 19s)