Back To Schedule
Wednesday, October 9 • 1:00pm - 1:50pm
PRO WORKSHOP (API): What Hackers Don’t Want You To Know: How to Maximize Your API Security

Sign up or log in to save this to your schedule, view media, leave feedback and see who's attending!

Feedback form is now closed.
What do Google, Facebook, Paypal, IRS, and USPS have in common? The answer is hackers exploited their APIs to access sensitive customer information. Although these API attacks were detected and exposed, most API-based attacks go undetected in today's technologically sophisticated world – particularly attacks that come from authenticated sources. With the number of APIs increasing constantly right along with the number of API attacks, API security has never been so important to an organization's success.

Ping Identity and MuleSoft have partnered together with a market-leading solution to tackle the complexities and nuances of protecting API infrastructures and the digital assets that they connect.

This session will discuss today’s API threat landscape and explore what you can do to both detect and block advanced attacks on APIs. The presentation will first dive into the API development lifecycle using a live API built with MuleSoft. We will look at some common monitoring capabilities on the MuleSoft API and what a security violation would look like.

Then, we will have some fun by simulating attacks on our own API. In this phase of the presentation, we will simulate some basic attacks and show how security policies or a web application firewall can block these common attacks.

From there, we will dive even deeper by simulating more advanced attacks from authenticated users (data theft and API takeover), hackers who have reverse engineered an API, and layer 7 DoS attacks that fly under the SLA radar. This is where we will showcase PingIntelligence’s advanced capabilities by showing how a MuleSoft API (or any other API) can connect with PingIntelligence to detect and prevent sophisticated attacks. This will allow the audience to see how the PingIntelligence software uses AI to discover and model normal behavior on an API to block and report on advanced attacks.

API World 2019 Speakers
avatar for Aaron Lieberman

Aaron Lieberman

MuleSoft Practice Manager and Lead Consultant, Big Compass
Aaron’s passion for technology and for enriching connectivity between people and between systems drives him to find innovative ways to advance organizations through scalable, distributed platforms while driving process and team cohesiveness. Aaron is a MuleSoft Practice Manager... Read More →

Wednesday October 9, 2019 1:00pm - 1:50pm PDT
API World -- Workshop Stage B