“In 2008, API security was too important to let others do it for you. In 2018 API security is too important to do it yourself.”
Privacy, Security and Identity are the topics of the year. Equifax, India’s biometric database, Facebook's breach of trust, Tesla's cars, Apple iCloud, Snapchat/Snapsaved's hacks.... These scandals have been caused by a lack of API Security or an unsafe Identity Management. You can name them: DDoS, Cash overflow. MITM, Brute forcing non-rate-limited API endpoints, OAuth vulnerabilities, improper use of CORS, Cross-site request forgery (CSRF), flawed session management, too permissive OAuth scopes... You just need to be wrong once to get all your security efforts wasted. And in the context of the GDPR regulation, it can lead to a fine of 4% of your total revenue. All of these are API-driven practices and can be avoided with a good API management. ?
Welcome to the programmable web, where every interaction is designed to be automated, scalable. So are abuses and threats.
We gathered the best experts and companies on API security and Identity management to talk about how every app and every API should be secured and what is the state of the art of Access control & Access level management, Identity management and identity delegation with OpenIDConnect, User-Managed Access, and Blockchain based identity.
Hear and Meet:
- Eve Maler, VP Innovation and Emerging Technologies at ForgeRock, co-creator of User Managed Access protocol
- Sebastien Tricaut, Principal Security Strategist at Splunk
- Scott Morisson, SVP Engineer at CA Technologies, co-author of the book "Securing Microservices APIs"
- David Chasteen, CSO of the city and County of San Francisco
- Keith Casey, API Problems Solver at Okta, co-author of the book"API design principles"
- John Koetsier, journalist, analyst and futurist at Forbes, Inc Magazine, VentureBeat and Business Insider
- Sarah Squire, Sr. Technical Architect at Ping Identity
- Joel Lord, Developer Evangelist at Auth0
- Evelynn de Souza, Security and Privacy Strategy Leader, ex Cisco and McAfee
- Bernard Harguindeguy, CEO and Co-Founder at ElasticBeam
- Jean Baptiste Aviat, Co-Founder and CTO at Sqreen (YC 2018)
- Isabelle Mauny, CTO and Co-Founder at 42Crunch
- Soonhin Khor, CTO at RingCaptcha/Oauth.io
- Kyle Marsh, Principal Program Manager at Microsoft
- Renata Budko, CMO at Wallarm
- Medhi Medjaoui, lead API Economist at API Academy, founder of OAuth.io and APIdays
About APIDays.io:
APIDays is the leading series of conferences in APIs and the programmable economy. We've organized 31 events and featured 1,200 speakers in 11 countries. Join us for our next event "Identity in the API World" on July 31st 2018 in San Francisco!
“In 2008, API security was too important to let others do it for you. In 2018 API security is too important to do it yourself.”
Privacy, Security and Identity are the topics of the year. Equifax, India’s biometric database, Facebook's breach of trust, Tesla's cars, Apple iCloud, Snapchat/Snapsaved's hacks.... These scandals have been caused by a lack of API Security or an unsafe Identity Management. You can name them: DDoS, Cash overflow. MITM, Brute forcing non-rate-limited API endpoints, OAuth vulnerabilities, improper use of CORS, Cross-site request forgery (CSRF), flawed session management, too permissive OAuth scopes... You just need to be wrong once to get all your security efforts wasted. And in the context of the GDPR regulation, it can lead to a fine of 4% of your total revenue. All of these are API-driven practices and can be avoided with a good API management. ?
Welcome to the programmable web, where every interaction is designed to be automated, scalable. So are abuses and threats.
We gathered the best experts and companies on API security and Identity management to talk about how every app and every API should be secured and what is the state of the art of Access control & Access level management, Identity management and identity delegation with OpenIDConnect, User-Managed Access, and Blockchain based identity.
Hear and Meet:
- Eve Maler, VP Innovation and Emerging Technologies at ForgeRock, co-creator of User Managed Access protocol
- Sebastien Tricaut, Principal Security Strategist at Splunk
- Scott Morisson, SVP Engineer at CA Technologies, co-author of the book "Securing Microservices APIs"
- David Chasteen, CSO of the city and County of San Francisco
- Keith Casey, API Problems Solver at Okta, co-author of the book"API design principles"
- John Koetsier, journalist, analyst and futurist at Forbes, Inc Magazine, VentureBeat and Business Insider
- Sarah Squire, Sr. Technical Architect at Ping Identity
- Joel Lord, Developer Evangelist at Auth0
- Evelynn de Souza, Security and Privacy Strategy Leader, ex Cisco and McAfee
- Bernard Harguindeguy, CEO and Co-Founder at ElasticBeam
- Jean Baptiste Aviat, Co-Founder and CTO at Sqreen (YC 2018)
- Isabelle Mauny, CTO and Co-Founder at 42Crunch
- Soonhin Khor, CTO at RingCaptcha/Oauth.io
- Kyle Marsh, Principal Program Manager at Microsoft
- Renata Budko, CMO at Wallarm
- Medhi Medjaoui, lead API Economist at API Academy, founder of OAuth.io and APIdays
About APIDays.io:
APIDays is the leading series of conferences in APIs and the programmable economy. We've organized 31 events and featured 1,200 speakers in 11 countries. Join us for our next event "Identity in the API World" on July 31st 2018 in San Francisco!
read more
show less