Conference:  OWASP 20th Anniversary Event

Authors: Edwin Kwan

2021-09-24

The number of security incidents and data breaches are increasing. It feels like not a week goes by without hearing of another breach or compromise. Are we getting worse at doing security? In this talk I'll provide my opinion on this, from an application security perspective, by taking a look at how software development has changed over the years. As we move towards Cloud Native workloads, staying secure is harder; and it's not always your developers' fault.

Conference:  OWASP 20th Anniversary Event

Authors: Isabelle Mauny

2021-09-24

APIs present new vulnerabilities and require specific security measures to protect data

• APIs have changed the way we write applications and moved security controls to the client side, leaving data vulnerable
• APIs create new vulnerabilities and require specific security measures
• Data protection is a critical issue for APIs, and validation of data inputs is necessary
• Parlor is an example of a social network that suffered a data breach due to zero authentication, no rate limiting, and sequential IDs