A10 - Underprotected APIs


Modern applications often involve rich client applications and APIs, such as JavaScript in the browser and mobile apps, that connect to an API of some kind (SOAP/XML, REST/JSON, RPC, GWT, etc.). These APIs are often unprotected and contain numerous vulnerabilities.

https://www.owasp.org/index.php/Top_10_2017-A10-Underprotected_APIs

Why

The new Owasp Top 2017 introduces this new category; this Working Session presents an opportunity to challenge or support it.

What

  • Review data behind this new category
  • Review current description and text
  • What are the pros and cons of this category
  • Is this category important enough to be added to the new Top 10?

Who

  • Security Professionals
  • AppSec teams
  • Tool vendors


Back to list of all Working Sessions and Tracks

Edit this page here