VIRTUAL - API Security and Legal Risk Management

When:  Mar 25, 2024 from 12:00 to 13:00 (CT)
Associated with  Springfield, Missouri Chapter



APIs are transforming our digital worlds by enabling the next industrial revolution driven by AI/ML and IoT solutions. APIs impact organizations both positively (through innovations, newer business models, competitive differentiation, etc.) and negatively (due to security vulnerabilities, business disruptions, legal and compliance issues etc.). These impacts are growing profoundly with evolving API ecosystems within enterprises as well as globally.
Industry Trends: (1) 96% of applications contain some Open Source. Source: Black Duck 2020; (2) 83% of internet traffic is via APIs vs 17% HTML. Source: Akamai 2019; (3) 99% of Open Source applications contain some Web APIs. Source: TeejLab 2021; (4) By 2021, 90% of web-enabled applications will have more surface area for attack in the form of exposed APIs rather than the UI, up from 40% in 2019. Source: Gartner; (5) By 2022, API abuses will be the most frequent attack vector resulting in data breaches for enterprise web applications. Source: Gartner Research, "How to Build an Effective Security Strategy". Given these trends it is imperative for Security, Compliance and Audit professionals to get a handle on APIs before things get out of control, if not already, by managing API risks proactively. This session will provide an overview of an API governance framework to manage API security and compliance risks. This framework is inspired by the Zero Trust model that enterprises can adopt for effective API Risk Management. We’ll highlight best practices, both manual and automated, with relevant tool recommendations. Participants will have an opportunity to exercise use cases using these tools: 


  • 15 mins: Global and Enterprise API Ecosystems
    • Global View
    • Enterprise View
  • 15 mins: Classification of API Risks
    • Security and Legal Risks
    • Financial and Operational Risks
  • 25 mins: Zero Trust Model
    • Zero Trust Resources
    • Zero Trust Tenets
  • 5 mins: {Q&A}


Online Instructions:
Login: There will be a Meeting ID and Passcode sent to your email before and during the day of the event.
Event Image