API Security Flight School – Aviata Cloud Solo Flight Challenge Chapter 7

This workshop supports content from SEC522: Application Security: Securing Web Applications, APIs, and Microservices

Modern distributed applications heavily implement and depend on APIs. They are often used like traditional libraries or local software components and share some of the same supply chain risks, but they are likely to be exposed to third parties, making them that much more vulnerable.

In this lab, you will gain practical, hands-on experience to better understand common attacks and explore effective defense strategies that you can begin to implement right away.

Each monthly workshop in the series is independent of the others. There are no technical or educational dependencies between them.

Who Should Attend

This workshop is ideal for any cloud security professional or developer who wants to deepen their understanding of API security fundamentals and gain hands-on experience in defending against real-world API attacks.

Learning Objectives

  • Grasp API Security Fundamentals
  • Understand the intricacies of REST APIs
  • Identify and mitigate API Access Control Flaws, including BOLA/BFLA
  • Implement JWT tokens within OAuth securely
  • Hack and defend JWT tokens effectively
  • Detect and prevent SSRF attacks

Scroll down for system requirements.

System requirements

  • System with Firefox or Chrome + Postman

Prerequisite Knowledge

  • Basic understanding of HTTP protocol
  • Usage of browser developer tools

Follow the Aviata Cloud Solo Flight Challenge Workshop Series throughout 2024 with free monthly cloud security workshops that will walk you through how various knowledge and hands-on skills work together to create a secure cloud environment for your organization.