With the dominance of Mobile Apps, Single Page Apps for the Web, and Micro-Services, we are all building more APIs than ever before. Like many other developers, I had struggled with finding the right mix of security and simplicity for securing APIs. Some standards from the IETF have made it possible to accomplish both. Let me show you how to utilize existing libraries to lock down you API without writing a ton of code.

Comments

Comments are closed.

Rated 5

Anonymous at 10:51 on 10 Mar 2018

Lots of great info with code examples. The Github example project is especially nice.

Wow! I wish I could have private lessons from this guy! Awesome lecture and really good examples.

Rated 4

Brian Fenton at 10:53 on 10 Mar 2018

Really thorough overview of API security threats and mitigations, with recommendations. A lot of heavy code near the end that would be good to have for later reference as samples (may be available, didn't look yet). Confident, knowledgeable speaker.

Rated 2

Riley Major at 10:54 on 10 Mar 2018

Speaker seemingly rushed through some general information and spent most of the time quickly walking through some code which used a particular encryption management mechanism (JOSE/JWT), but without sufficient background for me to understand its use.

Great talk. His knowledge of API security shined.

Rated 4

Alex Barrett at 11:04 on 10 Mar 2018

There was a lot of great content, some technical difficulties, and it felt a little rushed. I with the presenter had 2 hours.

Rated 4

Dave Buchanan at 11:04 on 10 Mar 2018

Well presented, speaker demonstrated expert level knowledge. Loved the example walk through.

Rated 5

Greg Lyon at 11:06 on 10 Mar 2018

Good coverage of a very dense topic! (I wish I had more background for this one)

Rated 4

Justin Foell at 11:59 on 10 Mar 2018

Very good. Almost too much material for the time. Wish we could have delved into the part of the request and how they relate to the code in more detail. Maybe consider a "minimum required" set for future presentations?