Warning message

The service having id "twitter" is missing, reactivate its module or save again the list of services.
The service having id "facebook" is missing, reactivate its module or save again the list of services.
The service having id "google_plus" is missing, reactivate its module or save again the list of services.
The service having id "linkedin" is missing, reactivate its module or save again the list of services.

Track:

Duration

Duration:

10:35am - 11:25am

Abstract

More and more enterprises today are doing business by opening up their data and applications through APIs. Though forward-thinking and strategic, exposing APIs also increases the surface area for potential attack by hackers.

To benefit from APIs while staying secure, enterprises and security architects need to continue to develop a deep understanding about API security and how it differs from traditional web application security or mobile application security.

In this session, we will walk you through the various aspects of how an API could be potentially exploited. We will discuss the necessary best practices to secure your data and enterprise applications while continue continuing to support your business’s digital initiatives.

Penetration Tester & Social Engineer @BishopFox

Christina Camilleri

Applications through an attacker’s lens

Trust & Information Security Officer @Twitter

Michael Coates

Make your API Flexible, Composable and Extensible

CTO @Nuxeo

Thierry Delprat

Improving Cloud Security with Attacker Profiling

LibVMI Creator, OpenStack Security Co-Founder, & Platform Security Team Lead @Netflix

Bryan Payne

Tracks

Covering innovative topics

Monday Nov 16

Architectures You've Always Wondered About

Silicon Valley to Beijing: Exploring some of the world's most intrigiuing architectures
Applied Machine Learning

How to start using machine learning and data science in your environment today. Latest and greatest best practices.
Browser as a platform (Realizing HTML5)

Exciting new standards like Service Workers, Push Notifications, and WebRTC are making the browser a formidable platform.
Modern Languages in Practice

The rise of 21st century languages: Go, Rust, Swift
Org Hacking

Our most innovative companies reimagining the org structure
Design Thinking

Level up your approach to problem solving and leave everything better than you found it.

Tuesday Nov 17

Containers in Practice

Build resilient, reactive systems one service at a time.
Architecting for Failure

Your system will fail. Take control before it takes you with it.
Modern CS in the Real World

Real-world Industry adoption of modern CS ideas
The Amazing Potential of .NET Open Source

From language design in the open to Rx.NET, there is amazing potential in an Open Source .NET
Optimizing You

Keeping life in balance is always a challenge. Learning lifehacks
Unlearning Performance Myths

Lessons on the reality of performance, scale, and security

Wednesday Nov 18

Streaming Data @ Scale

Real-time insights at Cloud Scale & the technologies that make them happen!
Taking Java to the Next Level

Modern, lean Java. Focuses on topics that push Java beyond how you currently think about it.
The Dark Side of Security

Lessons from your enemies
Taming Distributed Architecture

Reactive architectures, CAP, CRDTs, consensus systems in practice
JavaScript Everywhere!

Javascript is Everywhere. Learn why
Culture Reimagined

Lessons on building highly effective organizations

Schedule

Warning message

Duration

Abstract

Find Ian Goldsmith at

Similar Talks

Tracks

Covering innovative topics

Monday Nov 16

Tuesday Nov 17

Wednesday Nov 18

Conference for Professional Software Developers

Follow QCon

Contact

Menu

QCons around the World

Warning message

Presentation: Deconstructing API Security

Duration

More talks on:

Abstract

Find Ian Goldsmith at

Similar Talks

Tracks

Covering innovative topics

Monday Nov 16

Tuesday Nov 17

Wednesday Nov 18

Conference for Professional Software Developers

Follow QCon

Contact

Menu

QCons around the World