API Security Basics Workshop

Join us for an extended Friday lunch and learn on API security! Explore the OWASP API Top 10, API governance challenges, and real-world API breaches, followed by a hands-on lab with crAPI to tackle live API vulnerabilities!

Take a break, grab lunch, and dive into API security! In this Lunch and Learn session, we’ll start with a 30-minute talk on the current API security landscape, focusing on the OWASP API Security Top 10, the high cost of API breaches, and governance challenges such as shadow APIs and compliance issues with regulations like GDPR. Following the talk, you’ll get “back to work” with hands-on labs with crAPI (Completely Ridiculous API), a vulnerable API designed to teach security fundamentals. This lab will let you explore real-world vulnerabilities like Broken Object Level Authorization (BOLA) and Excessive Data Exposure, giving you practical experience in identifying and addressing these common flaws. Bring your laptop, appetite, and curiosity as we combine learning with practical API security exercises — all in a relaxed lunch setting!