Webinar

Securing Your APIs: What You Need to Know

Modern attack surfaces are evolving and morphing as API use is increasing. From car hire to medical records, APIs power applications that impact lives. Technical challenges and human error make it possible for vulnerable APIs to make their way into production environments where they often have a negative impact downstream. Once deployed or integrated into larger applications, these APIs are hard to mitigate and even harder to remediate. Scanning and testing APIs in a runtime environment helps security teams uncover vulnerabilities in APIs before they’re in production, where remediation is more costly and frustrating. Understanding how to secure APIs is a struggle for most security teams. Conflicting guidance on runtime testing best practices creates confusion and delay.

In this webinar, Veracode's Head Dynamic Analysis Engineer, Dan Murphy, will cover:

• The challenges of generating RESTful traffic from API specifications in OpenAPI 2.0 and 3.0, that gets past the HTTP 400 Bad Input Response

• How to perform attacks on various injection points in API requests

• How API scanning performance advantages allow for more thorough attack coverage

• How responses are inspected for evidence of vulnerability

View the Webinar



Questions? Contact Us | 1-888-937-0329

About Veracode

Veracode is the leading AppSec partner for creating secure software, reducing the risk of security breach, and increasing security and development teams’ productivity. As a result, companies using Veracode can move their business, and the world, forward. With its combination of process automation, integrations, speed, and responsiveness, Veracode helps companies get accurate and reliable results to focus their efforts on fixing, not just finding, potential vulnerabilities.


Veracode serves thousands of customers worldwide across a wide range of industries. The Veracode solution has assessed more than 53 trillion lines of code and helped companies fix more than 71 million security flaws.


Learn more at www.veracode.com, on the Veracode blog and on Twitter.


© Veracode, Inc. All rights reserved. Veracode is a registered trademark of Veracode, Inc. in the United States and may be registered in certain other jurisdictions. All other product names, brands or logos belong to their respective holders. All other trademarks cited herein are property of their respective owners.