Learning path
API Security Fundamentals with OWASP top 10
Skill Level
Fundamentals
Duration 3 hours 20 minutes
Updated Jul 8, 2024
About this learning path
In today's digital age, Application Programming Interfaces (APIs) have become the backbone of modern software development. They allow different software systems to communicate with each other, enabling a wide range of functionalities from simple data retrieval to complex integrations. However, with the increasing reliance on APIs, the importance of securing them has never been greater.
This course, "API Security Fundamentals with OWASP Top 10," is designed to equip you with the knowledge and skills necessary to identify, exploit, and defend against the most common API security vulnerabilities. Whether you are a developer, security professional, or simply interested in learning more about API security, this course will provide you with a comprehensive understanding of the OWASP API Security Top 10 vulnerabilities and how to mitigate them.
Your instructors
Loading
Prerequisites
- It is recommended to go through the module "Automation Programming Interface (API) Fundamentals" covering "REST and GraphQL APIs" from WWT's "Automation Core Concepts" Learning Path.
- Basic understanding of web technologies (HTTP/HTTPS protocols).
- Familiarity with API tools (Postman, Burp Suite, FoxyProxy).
- Basic security concepts like understanding of common security principles (e.g., authentication, authorization, encryption).
What you'll learn
- Introduction to API Security: Understanding the importance of API security and the significance of the OWASP API Security Top 10 (API2023).
- OWASP API Security Top 10 (API2023) Vulnerabilities: Overview of the top 10 API security risks identified by OWASP for 2023.
- Practical Demonstrations: Using crAPI (Completely Ridiculous API) for real-world vulnerability examples and hands-on exercises.
- Tools and Techniques: Utilizing Postman, Burp Suite, and FoxyProxy for creating, testing, and securing APIs.