Insights for secure API usage in conjunction with security automation and orchestration

Presented at BSidesDC 2019, Oct. 27, 2019, 1:30 p.m. (50 minutes)

Organizations are expanding the use of automation and orchestration in their security operations. An indication of this is the sharp rise in the adoption of Security Orchestration Automation and Response platforms. The security of these platforms is a key concern, and in particular the security of API keys used by both the SOAR platform and Security Operations Center personnel. The exposure of APIs from security tools is crucial to permitting automation and orchestration, however it is also important to secure the usage of these capabilities. This presentation highlights methods for securing API usage and ways to remediate compromised API keys.

Presenters:

• Cody Bramlette - Cybersecurity Engineer at Johns Hopkins University Applied Physics Laboratory
  Cody Bramlette IACD Team Johns Hopkins University Applied Physics Laboratory Security+, SSCP, Associate CISSP

Links:

• https://bsidesdc2019.busyconf.com/schedule#activity_5d123c2bb86ca9d8e80000fd

Similar Presentations:

• Black Hat USA 2014 / Pragmatic Security Automation Roundtable
• AppSec USA 2017 / An Overview of API Underprotection
• BSidesDC 2019 / Bringing IACD (Integrated Adaptive Cyber Defence) to the Financial Sector