Addressing Top API Security Risks

A talk given by Judith Kahrer from Curity at Nordic APIs 2023 Platform Summit.

The Open Worldwide Application Security Project (OWASP) re-evaluated security risks related to APIs and published an update for the Top 10 API Security Risks document early 2023. This talk highlights how to mitigate the top of the top with one simple measure: OAuth. It introduces best practices, and provides insights on how OAuth can address Broken Object Level Authorization (BOLA) and Broken Authentication to improve API security.

Further Reading:

More Live presentations videos

How to Build a Fortress with the Security of a Tent

Who Needs That FAPI Thing, Anyway?

Panel Discussion: API Authorization

The Swedish Chef Would Be Proud: Cooking up a Secure API in Minutes – Instructions Included

OAuth Well Played – Mods and Combos for the Cloud Native API Security Game

Show Me Your Wallet to Tell Me Who You Are - Using Verifiable Credentials with OAuth

Ditch the Browser, Native API-Driven App Authentication with Passkeys

Military-Grade Security for APIs

Decentralized Identities Changes Everything, Even Your APIs

Browserless OAuth Flows in Mobile Apps Using a Hypermedia API

OAuth and OpenID Connect - What's next?

Curity on ProgrammableWeb's Developers Rock Podcast

OAuth Tokens As Your Identity API

OAuth Claims Ontology: Using Claims in OAuth and How They Relate to Scopes

Jacob Has a Horse, Says Travis – a Tale of Truths In a Microservice Architecture

Scalable API Security Using OAuth

Financial Grade APIs Using OAuth and OpenID Connect

Security Is a Concern, Let’s Make It an Enabler

Securing APIs in a Cloud Native Environment Using OAuth

Securing APIs and Microservices with OAuth and OpenID Connect

OAuth and OpenID Connect for PSD2 and Third-Party Access

Next steps

Ready to modernize IAM?

Start Today - Build security and improve ease of use to stay ahead of the competition.

Start a Free Trial

Book a Call

Speak to an Identity Specialist

Explore learning resources