Track Talk

API Security: Cyber Chaos when you don’t authorise requests properly

Ken Munro

11:15-11:45 CEST Wednesday 29th September

By far the most common and most damaging of cyber security vulnerability categories in smart (e.g. IoT) devices is in the API. Get ‘cyber’ wrong there and you have an instant and total compromise of the device, the data and the platform. Yet API security and request authorisation are easily tested for and easily detected. Why do so many developers miss this?

We are experts in IoT device security. Many of the large smart device hacks you have seen in the press are from our research. Learn from us, learn from the mistakes of others, and deliver better, more secure APIs to your customers. Along the way we will show you numerous examples of real-world products where API requests went wrong. From airplanes to kids toys to smart watches to ships to cars and many more.