081. PenTesting APIs
Hacked Off, 12 Nov 2020

Application Program Interfaces have increasingly become a target for hackers. With 6 of the OWASP Top 10 vulnerabilities being API-related, it is no surprise that OWASP released its first API Security Top 10 list last year. For those wanting to better understand API penetration testing, Holly Grace takes you through the process, from scoping the job to which vulnerabilities to look out for.

0'16 What is an API?
2'11 Scoping an API test
4'11 Making API testing more efficient
5'54 What vulnerabilities are we looking for?
8'29 Rate limiting
9'52 The Google+ API bug

Useful links:
OWASP API Security Top 10 - https://owasp.org/www-project-api-security/

Listen Time: 12 minutes
Host: Holly Grace Williams, MD at Secarma

This episode is taken from an open RSS feed and is not published by Podme. It may therefore contain advertisements.

Episodes (108)

108. IASME: IOT Security Compliance

Following audience responses to Pod 107 with Jason Blake, Secarma Jen Williams has circled back to do a deeper dive into the PSTI legislation and IoT devices. With the legislation going live at the e...

22 Apr 2024, 26 min

107. Jason Blake: IoT and PSTI

Secarma Head of Testing, Simon Chapman, takes over the hosting duties as the Hacked Off podcast returns. Episode 107 focuses on IoT and the new regulations that are forcing manufacturers to place secu...

6 Feb 2024, 24 min

106. Simon McNamee: Optimising Security Services

In this episode of Hacked Off, Holly interviews Simon McNamee - Secure Impact's Security Technology Lead. This week, they discuss what issues security experts often encounter when working with busines...

29 Oct 2021, 43 min

105. Rob Demain: SOCs and SMEs

For some organisations, using Security Operation Centre services is a great way to minimise the impact of a possible cyberattack. Moving quickly and effectively, SOCs can detect, analyse and respond t...

15 Oct 2021, 42 min

104. David Barr: Cybersecurity CSI

In the cybersecurity world, the digital forensics dept acts as the Crime Scene Investigation team for a business that has fallen foul of a cyber-criminal. DFI techniques are used to investigate and re...

24 Sep 2021, 30 min

103. Declan Doyle: Cyber Resilience

Valuing your SME as ‘too small to get hacked’ can leave you complacent and open to attacks, with little to no defences in place. For those who find cybersecurity daunting, there are organisations out ...

20 Aug 2021, 31 min

102. Nick Blundell: Automating Testing

The medium of cyber-attacks is code, but the mastermind that drives them is always human intelligence. Systems are created by people, and automated tech still can't understand every nuance that humans...

16 Aug 2021, 1 h 5 min

101. Greg van der Gaast: Rethinking Recruitment

In a time of record unemployment due to the pandemic, it’s strange that cybersecurity job openings receive so few applicants and take 20% longer to fill than typical IT roles. Is there a cyber skil...

6 Aug 2021, 31 min
