Back To Schedule
Wednesday, October 9 • 3:30pm - 3:55pm
OPEN TALK (API): How APIs Simplify Automated Attacks: Prying-Eye Direct-to-API Enumeration Attack

Sign up or log in to save this to your schedule, view media, leave feedback and see who's attending!

Feedback form is now closed.
The Prying-Eye enumeration vulnerability recently discovered in leading web conferencing applications by the CQ Prime research team highlights how APIs used in your public facing applications provide bad actors with the same ease of use, efficiency and flexibility benefits that APIs bring to the development community. Rather than scripting a web form fill to launch an attack, bad actors will analyze the web or mobile application to understand the business logic while discovering the APIs in use. Armed with that information, bad actors can then create a bot that will execute an automated attack directly against the APIs. In this session, Shreyans Mehta, CTO and Co-founder of Cequence Security will share recent details of the Prying-Eye attack and the prevalence of using APIs for automated attacks. He will close with security recommendations and how Cequence Security can help.

API World 2019 Speakers
avatar for Shreyans Mehta

Shreyans Mehta

Co-Founder and CTO
Shreyans Mehta is an innovator in network security and holds several patents in the field. Before co-founding Cequence Security, he was Architect and Technical Director at Symantec, where he led the development of one of the most advanced network security platforms and intrusion prevention... Read More →

Wednesday October 9, 2019 3:30pm - 3:55pm PDT
API World -- Main Stage Theater