As software crafters, our responsibility spans more than just shipping working, maintainable software and automated tests. The applications we build must be secured, observable, and reliable. Tools can assist us up to a point, but from there on it's up to the design decisions we take to avoid common pitfalls as early as possible in the development cycle.
In this presentation, we will walk over the top 10 most common security vulnerabilities when developing REST APIs, similar to the classic OWASP Top 10 that many of you might be familiar with.
Vulnerabilities we'll discuss:
- Broken Object Level Authorization
- Broken User Authentication
- Excessive Data Exposure
- Lack of Resources & Rate Limiting
- Broken Function Level Authorization
- Mass Assignment
- Security Misconfiguration
- Injection
- Improper Assets Management
- Insufficient Logging & Monitoring
The passionate participant is encouraged to read in advance about the topics we'll cover at owasp.org/www-...
The discussion will include some brief code examples in Java, but speakers of any programming language are welcome, as always. If you are interested in the full story, check out my 2-days Secure Coding workshop in my training offer victorrentea.ro...
Let's hack our way to better software engineers together!
👩🏻💻👨💻
About the speaker:
Victor Rentea is a Java Champion, Consultant, and Trainer writing code since 2006. His passion is Refactoring, Simple Design, and Unit Testing, about which he regularly talks at top conferences, but also to the Bucharest Software Craftsmanship Community that he founded. On victorrentea.ro you can find his blog, a selection of his best talks, his training offer, live masterclasses, and social channels.
22 авг 2024
