REST API Security for Microsoft Azure Pipelines

Security is an important topic in software development. Unfortunately, security is usually considered too late in software development, and especially in the API lifecycle. Waiting until software and APIs are in production before addressing security concerns can be a severe risk to your organization. Did you know that vulnerabilities found in production cost up to 30x time and money more to fix?

There is a solution: by engaging developers early, educating them on API threats and uncovering real actionable issues in your APIs, you can act swiftly and save a lot of effort downstream.

In this webinar, we will:

• • Explain the concepts behind “shifting left” and how it can benefit your organization, both at quality and security levels.
  • Explain how auditing your OpenAPI (aka Swagger) definitions gives early visibility to developers of potential security issues in APIs implementation.
  • Demonstrate the functionality of the audit and which issues it detects.
  • Describe how you can leverage audit at build time to ensure only contracts at the required level of security quality can be deployed.
  • Demonstrate our new Azure Pipelines plugin and its discovery mechanism.
  • We will be joined in the webinar by Steven Murawski from the Microsoft Azure Cloud Advocacy team.