Harmonizing the OWASP API and Application Top 10 Lists - Joe Schottman
Speaker
Joe Schottman
Truist (not speaking on behalf of them), Security Analyst focused on R&D
Description
OWASP brought out a new Top Ten Security Risks list specific to APIs in 2019. There are some vulnerabilities that are common between them but some exist only in one or the other. This talk will cover the basics of APIs and then discuss how to combine both top ten lists to cover a better spectrum of risks than using just one list allows. The basics of what each category of risk is, how they might differ in an API compared to a web application, how to detect them, and how to prevent them will be covered.
Managed by the OWASP® Foundation
https://owasp.org/
