Security Compass is Releasing a New ‘Defending Web APIs’ Course

September 7, 2018

In today’s organizations, Application Programming Interfaces (APIs) are integral to business operations. In fact, the standard organization manages over 300 APIs. This growing popularity correlates with the mass organizational adoption of a microservices architecture, which involves building applications from variably-sourced components and using these components interchangeably across applications. It differs from the traditional application structure, which was more self-contained. Today, organizations heavily rely on application portfolios with open connectivity, data sharing, and integrations, which is exactly what APIs offer. They’re the modern tool that holds all of your applications together.

Yet, as APIs grow in popularity, they also become more of an attack surface. As a result, organizations are facing greater security threats. In the past two years, multiple breaches have issued from inadequate API security. We’ve seen incidents in large organizations, like T-mobile and Instagram, where millions of users’ sensitive data were exposed due to poor API security protections. This year, we’ve already seen a number of high-profile breaches and security exposures that resulted from poorly defended APIs. The issue is so prevalent, in fact, that API vulnerabilities almost made it into the 2017 OWASP Top Ten list. These vulnerabilities are common, and they’re also difficult to detect. They can result in data theft, corruption, destruction, and unauthorized access to the whole application. Gartner even claims that, by 2022, API attacks will be the leading cause of data breaches in enterprise web applications.

Given this state of affairs, Security Compass is eager to announce the release of our new Defending Web APIs course, to be released on September 6th, 2018. This new course will address relevant API security concerns and will teach developers how to protect their software and APIs.

A Brief Course Overview

Designed for junior developers with some experience using APIs, this course discusses defenses against common vulnerabilities in today’s RESTful Web Application Programming Interfaces (APIs). During the course, you’ll review the security of connecting to APIs, validating input and output, communication channels, and common attacks.

SD Elements Offers API Security

Using our policy-to-execution platform, SD Elements, you can operationalize security requirements for your APIs, protecting all of your applications. For instance, SD Elements allows you to perform authorization checks on RESTful web services, design secure RESTful web services and prevent parameter tampering in web services.

To review the new course curriculum, check out our course here. To learn more about SD Elements, check out our free demo.


Previous Article
OWASP Top 10 Vulnerabilities | Security Compass
OWASP Top 10 Vulnerabilities | Security Compass

The OWASP Top 10 focuses on security concerns for web applications. Read on to learn more about the top 10 ...

Next Article
SD Elements Expands its Support for Operational Security
SD Elements Expands its Support for Operational Security

Our expert platform has now been expanded to support operational security.

Learn how you can use SD Elements to integrate security into software development.

Watch Video