- This event has passed so registration is closed.
Overview
In 2021, the industry witnessed no shortage of API-related security incidents resulting from leaky APIs, vulnerable system APIs, authorization flaws, and more. Companies like Experian, Microsoft, and Peloton all made the news, and some impacts are still playing out. Salt Labs threat research also highlighted potential security issues with Elastic stack deployments and GraphQL adoption. Data breaches aren’t the only area of concern for organizations. Account takeovers, privacy impacts, system compromises, and business logic abuse are equally damaging.
So what does the future hold for us with respect to API security?
Please join us for a handful of API security predictions for 2022 based on some of the learning lessons of 2021. The information can help identify risks you may not have considered and help prioritize projects as part of your organization’s security strategy heading into 2022.
Moderator
Lee Neely – Information Assurance APL, LLNL
Lee Neely is a senior IT and security professional at LLNL with over 30 years of extensive experience with a wide variety of technology and applications from point implementations to enterprise solutions. He teaches cyber security courses, and holds several security certifications including GMOB, GPEN, GWAPT, GAWN, GPYC, GEVA, CISSP, CISA, CISM and CRISC. He is a current ISSA International Board Member and former ISSA International Director, Member of the SANS NewsBites Editorial Board, SANS Analyst, and Security Weekly podcast host. You can keep up with Lee @lelandneely
Speaker/s
Michael Isbitski – Technical Evangelist, Salt Security
Michael Isbitski is Technical Evangelist at Salt Security, helping to improve awareness and technical understanding in the area of API security. Prior to joining Salt, Michael was a Senior Director Analyst at Gartner for Technical Professionals (GTP). He researched and advised on a range of application security and infrastructure security topics including API security, security testing, secure design, secure SDLC, application protection, container security, Kubernetes security and secure continuous delivery. Michael also has more than 20 years of hands-on practitioner and leadership experience in the fields of application security, vulnerability management, risk assessment, enterprise architecture, and systems engineering.
Recent On-Demand Web Conferences
ISSA Webinars and Conference series cover all the continuing education credits to maintain your cyber security certifications. (CPEs, CEUs, ECE, etc). Each hour is equal to one continuing education credit. Certificates of completion are available upon request after completion. For instructions, click here.