Originally from Argentina, I have been living in the Barcelona area for +20 years. Started in the IT world on 2006, building my career within the Finance and Insurance business. My path at Allianz Technology started as an analyst programmer in different areas (business oriented and also more technical tasks), I have also been working on development support tasks and a brief DevOps period, until my current position as a Security Architect
APIs aren’t new, nor are cyber-threats. In fact, there has been a rapid growth on the attack surface with threats to our backend systems the minute our code hits production. This raises the question: Are we applying API security effectively, or at all?
API Management platforms offer a significant advantage by allowing centralized security configurations and policies. This expedites API deployment to production, by making it easier for developers with limited security knowledge to implement such measures. Consequently, delegating these actions to developers instead of only relying on security experts to apply them, promotes awareness and adoption of good security practices among peers.
In this talk, I’m going to show you what the API specific vulnerabilities are and walk you through the blueprints for building up the security layers around APIs, with a specific focus on API Managers, and how you can use them to enhance API for inbound connections from different origins such as third-party consumers or mobile devices.
No matter which API management solution you choose, you’ll gain some insight on how to apply API security and become a security champion yourself!
Searching for speaker images...