Skip to content
API-University

API-University

APIs your consumers will love

Menu

  • Books
    • API-University Book Club
    • RESTful API Design
    • REST & GraphQL
    • GraphQL API Design
    • AWS AppSync
    • Swagger & OpenAPI 2.0
    • Webhooks – Events for REST APIs
    • API Architecture
    • API Security with OAuth
    • OpenID Connect and JWT
    • Alexa Skills
    • API-University Series (Books 1 – 5)
    • Books by Other Authors
  • Courses
    • Workshops
    • OAuth 2.0 Course
    • OpenID Connect & JWT Course
    • RESTful API Design Course
    • Digital Business with APIs
    • Courses by Other Authors
    • Practical Sessions …
      • OAuth 2.0 Diagrams
      • OAuth at Facebook
      • OAuth at LinkedIn
      • OAuth at Google
      • OAuth at PayPal
  • Blog
    • API-Review
    • API Security
    • API Design
    • API Business
  • Earn
    • API Jobs
    • API Fashion
    • Become a Partner
  • About
    • Newsletter
    • API-University
    • Matthias
  • APIs your consumers will love
    • API Design Overview
    • API Domain Analysis
    • Architectural and Frontend Design
      • REST
      • GraphQL
    • API Prototyping
    • API Implementation
    • API Tools
    • API Security
      • OAuth
      • OpenID Connect
    • API Publication
    • API Evolution & Versioning

API Security

The 10 most critical API security risks – Part 10: Insufficient Logging & Monitoring

The recently published “OWASP API security top 10” report analyzes the anti-patterns that lead to vulnerabilities and security risks in APIs. In this 10 part series, we introduce these API anti-patterns. Every API professional should know about these anti-patterns. API

mattbiehl 2020-03-312020-03-17 API Security, Blog Read more

The 10 most critical API security risks – Part 9: Improper Assets Management

The recently published “OWASP API security top 10” report analyzes the anti-patterns that lead to vulnerabilities and security risks in APIs. In this 10 part series, we introduce these API anti-patterns. Every API professional should know about these anti-patterns. API

mattbiehl 2020-03-242020-03-24 API Security, Blog Read more

The 10 most critical API security risks – Part 8: Injection

The recently published “OWASP API security top 10” report analyzes the anti-patterns that lead to vulnerabilities and security risks in APIs. In this 10 part series, we introduce these API anti-patterns. Every API professional should know about these anti-patterns. API

mattbiehl 2020-03-102020-03-17 API Security, Blog Read more

The 10 most critical API security risks – Part 7: Security Misconfiguration

The recently published “OWASP API security top 10” report analyzes the anti-patterns that lead to vulnerabilities and security risks in APIs. In this 10 part series, we introduce these API anti-patterns. Every API professional should know about these anti-patterns. In

mattbiehl 2020-03-032020-03-03 API Security Read more

The 10 most critical API security risks – Part 6: Mass Assignment

The recently published “OWASP API security top 10” report analyzes the anti-patterns that lead to vulnerabilities and security risks in APIs. In this 10 part series, we introduce these API anti-patterns. Every API professional should know about these anti-patterns. API

mattbiehl 2020-02-252020-02-25 API Security Read more

The 10 most critical API security risks – Part 5: Broken Function-Level Authorization

The recently published “OWASP API security top 10” report analyzes the anti-patterns that lead to vulnerabilities and security risks in APIs. In this 10 part series, we introduce these API anti-patterns. Every API professional should know about these anti-patterns. API

mattbiehl 2020-02-182020-02-18 API Security, Blog Read more

Is the API-key enough? API security issues and their fix

It can be seen over and over again: An API-key is directly embedded in the source code of an app. The most recent incident as of February 2020 is the Iowa caucus app, that contained an API-key right inside the

mattbiehl 2020-02-172020-03-09 API Security, Blog Read more

The 10 most critical API security risks – Part 4: Lack of Resources & Rate Limiting

The recently published “OWASP API security top 10” report analyzes the anti-patterns that lead to vulnerabilities and security risks in APIs. In this 10 part series, we introduce these API anti-patterns. Every API professional should know about these anti-patterns. API

mattbiehl 2020-02-112020-02-11 API Security, Blog Read more

The 10 most critical API security risks – Part 3: Excessive Data Exposure

The recently published “OWASP API security top 10” report analyzes the anti-patterns that lead to vulnerabilities and security risks in APIs. In this 10 part series, we introduce these API anti-patterns. Every API professional should know about these anti-patterns. API

mattbiehl 2020-02-042020-02-04 API Security, Blog Read more

The 10 most critical API security risks – Part 2: Broken User Authentication

The recently published “OWASP API security top 10” report analyzes the anti-patterns that lead to vulnerabilities and security risks in APIs. In this 10 part series, we introduce these API anti-patterns. Every API professional should know about these anti-patterns. API

mattbiehl 2020-01-282020-01-28 API Security, Blog Read more
  • « Previous

Categories

Recent Posts

  • The 10 most critical API security risks – Part 10: Insufficient Logging & Monitoring
  • The 10 most critical API security risks – Part 9: Improper Assets Management
  • The 10 most critical API security risks – Part 8: Injection
  • Architectural Style for APIs – how to make the choice
  • Desirable Properties of APIs

Tag Cloud

Alexa Amazon API api-keys API-Review API Design APIKey API Portal API Security AppSync AWS Bezos Book clientSecret credentials Design Design Thinking Developer Portal Ecosystem Events GraphQL Identity Jeff Bezos Journey Map JWT Mandate Memo OAuth OpenID Connect OWASP Pattern REST Review Richardson Security Skill Spotify subscriptions Testing tokens User Journey Voice Webhooks

API-University Series

The API-University Book Series is a modular series of books on API-related topics. Want them all? Join the API-University Book Club and save some money.

Read more
Copyright © 2020 API-University. Powered by WordPress. Theme: Spacious by ThemeGrill.