Latest details, requirements, description, cost: https://defcontrainings.myshopify.com/products/aubrey-labuschagne-william-marianka-botes-pragmatic-api-exploration
Training description:
The use of Application Programming Interfaces (APIs) have become ubiquitous as business expose and consume services.
Therefore, the threat landscape of organizations increases with the adoption of APIs. The content of the course creates awareness around the various attack vectors used targeting APIs and provides actionable mitigation strategies.
The aim of this course is to empower you to conduct a risk assessment of an API. This hands-on course covers API basics, setting up a test environment, API threat model, API protocols and architectures, typical vulnerabilities, enumerating an attack surface and best practices around security.
Moreover, it focuses on gaining practical experience of the OWASP Top 10 for APIs. In addition, you would be gaining practical experience on exploiting typical vulnerabilities on RESTful (REST) APIs and GraphQL. The course concludes with a capture the flag (CTF) to apply knowledge gained during the course.