APIsec University

Thank you to everyone who made today's APISEC|CON API Testing Edition an amazing event. Our speakers were incredible, dropping so many valuable tips, resources, and links that we could barely keep up! ICYMI - never fear, all the sessions will be edited and posted up to our YouTube channel for your weekend viewing pleasure. And, here are all the links/happenings that Dan Barahona and Corey J. Ball shared in their opening remarks. Capture the Flag: https://lnkd.in/eiSaaw3J? CASA + ASCP Discount Code: AU100K APIsec University Discord: https://lnkd.in/gpgRNhxx March API Security Workshop: https://lnkd.in/gmC4E_pt Ambassadors: https://lnkd.in/gzGj4E-T hAPI labs: https://hapilabs.ai/apisec APIsec Scanner: www.apisec.ai/sign-up API Security Challenge: https://lnkd.in/gNbnnzHk APISEC|CON 2025: https://lnkd.in/gm8stpih CFP: open now - https://lnkd.in/g5JN6P3h

3, 2, 1....?? ?? Just a few more hours until we share a stage with the legendary NahamSec at the APISEC|CON keynote, "OSINT x API Hacking The Unlikely Duo You Never Knew You Needed." Register here ?? https://lnkd.in/gm8stpih ?? Keynote Noon ET OSINT x API Hacking: The Unlikely Duo You Never Knew You Needed Explore the powerful intersection of open-source intelligence (OSINT) and API hacking. Discover how to leverage publicly accessible resources like GitHub and Postman to uncover application vulnerabilities and hidden pathways. Whether you're a seasoned hacker or a curious beginner, this talk will equip you with practical techniques to identify and exploit weaknesses in APIs using the wealth of information available online.?

Who's ready to venture into the unknown? Let Phillip Wylie take you on a journey to find and protect your exposed APIs in his talk, "API Security Through External Attack Surface Management" at tomorrow's APISEC|CON API Testing Edition. Register here ?? https://lnkd.in/gm8stpih ?? Track 2 2:30 - 3:000pm ET API Security Through External Attack Surface Management APIs are widely used and have made life easier for developers. As with other internet-exposed assets, many organizations are unaware of exposed APIs. It is hard to protect APIs if you don’t know about them. In this talk, we will discuss using external attack surface management to address this issue.

LAST CHANCE! Only a few seats left for tomorrow's APISEC|CON event. It would be a shame to miss José Haro Peralta's talk, "A Test-driven Approach for API Security" (and the shot at winning a free copy of his book, Microservice APIs). Register here ?? https://lnkd.in/gm8stpih ?? Track 2 1:30 - 2:00 pm ET A Test-driven Approach for API Security APIs are your application's biggest exploit, making API security complex. Understanding our threat model allows us to prioritize concerns, test effectively, and address vulnerabilities.

You may go back into the water, but you'll definitely never think of API security the same way again. Don't miss the thrilling session, "Seeking API Security in a Hostile World" with Chris St Amand, B.S., CSM. Register to catch this and other APISEC|CON API Testing Edition talks this Thursday, February 27. ?? https://lnkd.in/gm8stpih ?? Track 1 1:30 - 2:00pm ET Seeking API Security in a Hostile World This is a CIO/VP/Director focused session that goes over the challenges and need for API security as it relates to the 1975 movie classic "Jaws"

Catch a rising star! This might be your last chance to say, "I saw her when..." Damilola Akinsola has plenty of gems to share in her talk, "API Sprawl: A Core Challenge in Modern API Pentesting." Catch Damilola and other API security experts at APISEC|CON this Thursday, February 27. Register at ?? https://lnkd.in/gm8stpih ?? Track 2 1:00 - 1:30pm ET API Sprawl: A Core Challenge in Modern API Pentesting. As organizations grow, APIs multiply, often unmanaged and undocumented creating serious security blind spots. I’ll share how I’ve seen API sprawl complicate pentesting efforts, the risks it introduces, and practical steps you can take to identify and secure your entire API ecosystem.

The countdown is on -- only 2 more sleeps until APISEC|CON API Testing Edition!! We can't wait to hear the inimitable Katie Paxton-Fear in her session, "I for one do not welcome our new robot overlords: An introduction to manual API testing." Check out Katie's session details and register at ?? https://lnkd.in/gm8stpih ?? Track 1 1:00 - 1:30pm ET I for one do not welcome our new robot overlords: An introduction to manual API testing In a world where AI seems to dominate marketing and the news cycle this talk will be a relaxed session that covers how to do things manually. From API reconnaissance to the API security toolbox, to hacking techniques and vulnerabilities, in an age of overwhelming numbers of tools it can be difficult to get what you need, so let's go back to basics, what do you really need to do API testing anyway?

Calling all AU Alumni (and friends)... Ready to flex your API security skills AND make some money? Don't miss the One Request to Rule Them All CTF this Thursday, February 27. Over ?? $10k USD in cash and prizes, plus forever bragging rights in the AU community. Register here: https://lnkd.in/eiSaaw3J

We’ve locked in the program for?APISEC-CON API TESTING EDITION, and it’s going to be amazing! Check out this speaker lineup: ??? Ben Sadeghipour ??? Katie Paxton-Fear ??? Corey J. Ball ??? Tanya Janca ??? Phillip Wylie ??? Damilola Akinsola ??? Michael Lisi ?? José Haro Peralta ??? Chris St Amand, B.S., CSM ??? Thomas Freeman, “making it safer” These experts are at the top of their game, and we're beyond grateful for their time and insights. Don’t miss out! Join us on February 27th, 12-3 PM ET.

?? 100,000 students and counting! ?? APIsec University just hit a HUGE milestone—over 100,000 students learning how to secure APIs! ?? From developers to security engineers, teams across the world (including over 75% of the Fortune 100) are leveling up their API security skills with free courses. This is proof that API security is no longer optional—it’s a must-have skill. ?? To celebrate, we’re offering 50% of all APIsec University exams through the end of February! If you’ve been thinking about getting certified, now is the time. Use this coupon code: AU100K ?? Thank you to our community for making APIsec University the #1 place to learn API security! And huge thank you our leader, Corey J. Ball, to Christine Stevenson Bevilacqua for making this site a reality, and to our awesome instructors: Anthony Aragues, Gabrielle B., Jason Harmon, Jacob Ideskog, Teresa Pereira, Shaked Edri, Tom Kaplan, Mareko (Kay) James, Aubrey King, Erik Wilde, Audrey Kolski, Jeremy Glassenberg, Mike Amundsen, Ilona Koren-Deutsch. #APIsecurity #Cybersecurity #DevSecOps #Learning #Milestone #APIsec