APIs are the software glue that make our connected world work. Ordering food, monitoring cameras, buying tickets from your phone - APIs make it all possible. But how secure are they? Countless companies including Facebook, Venmo, the US post office, and many other major organizations have suffered from vulnerabilities in APIs. Come learn from Dr. Jared DeMott and Mr. Michael Fowl - about the types of APIs, how they are created and work, and a straightforward CI/CD approach to securing them.
Dr. Jared DeMott is the Founder of VDA Labs, a full-scope cyber security company. DeMott previously served as a vulnerability analyst with the NSA. He holds a PhD from Michigan State University. He regularly speaks on cyber matters at conferences like RSA, DerbyCon, BlackHat, ToorCon, GrrCon, HITB, etc. He was a finalist in Microsoft’s BlueHat prize contest, which helped make Microsoft customers more secure. Dr. DeMott has been on three winning Defcon capture-the-flag teams, and has been an invited lecturer at prestigious institutions such as the US Military Academy. Jared is a Pluralsight author, and is often interviewed by Media to weigh in on cyber matters. Michael Fowl – Senior Information Security Trainer and Consultant, is an award winning purple team hacker. He has participated in several bug bounty programs, such as the inaugural “Hack the Pentagon” program, frequently placing among the top ten participants. Michael has led hundreds of social engineering, application audit, and network pentests. He’s found 0day on a number of VDA engagements, including in Auto, IoT, embedded systems, and much more. Mr. Fowl holds his CISSP, GXPN, GWAPT, CEH, and loves teaching VDA labs training classes.