Top Things You Need to Know About API Security

February 6, 2024

Watch the Webinar

Browse the Deck

The flipside of the exponential adoption of APIs over the past decade has been the upsurge in the sheer volume of API attacks. Stories of API security breaches are everywhere which shines a harsh spotlight on the ease of API abuse and the complexities of robust API security. Join this webinar as two of the industry’s leading experts guide you through some real-world cases of API security attacks and also share some best practices for securing your APIs. 

They dive into some new and old crucial vulnerabilities highlighted in the recent OWASP API Security Top 10, such as enforcing the authorization variants (BOLA, BFLA and BOPLA), protecting authentication endpoints and JWT validation. They also bring the threats to life with several demos, providing a practical look at how these vulnerabilities can be exploited, but also how they can be prevented through a combination of design-time and run-time protection.

At the end of this session, you will have an actionable set of guidelines to assess and improve the security of your APIs in the face of a number of identified threats.


Philippe Deryck
Dr Philippe de Ryck

Web Security Expert

Pragmatic Web Security

Dr. Philippe De Ryck helps developers protect companies through better web security. His Ph.D. in web security from KU Leuven lies at the basis of his exceptional knowledge of the security landscape. As the founder of Pragmatic Web Security, Philippe delivers security training and security consulting to companies worldwide. His online course platform allows anyone to learn complex security topics at their own pace.


Isabelle Mauny FIN3 copy
Isabelle Mauny

Field CTO


Isabelle is co-founder and field CTO of 42Crunch where she advises Global 2500 firms on their API security strategies. She held a variety of technical roles at IBM working with the world's largest organizations as a solutions architect and services professional. She then led Product Management at Vordel (acquired by Axway) before joining WSO2 as VP Product Strategy. Isabelle is passionate about delivering customer-focused solutions

Latest Resources


How to Protect APIs from OWASP Authorization Risks: BOLA, BOPLA & BFLA

By Hugh Carroll | February 20, 2024

The OWASP API Top Risks listing identifies three different Authorization challenges  Coding issues relating to Authorization configuration failures continue to present a significant challenge for development and security teams building and protecting APIs. Just read any issue of our fortnightly APIsecurity.io newsletter and you’ll discover that Authorization-based breaches […]


42Crunch And Microsoft’s Defender for Cloud Partner to Deliver End-to-End API Security

By Newsdesk | November 15, 2023

San Francisco, CA, November 15, 2023 10AM PST
42Crunch and Microsoft integrate services to help enterprises adopt a full-lifecycle approach to API security
Today 42Crunch, the API DevSecOps platform, announced the integration of 42Crunch’s API security audit and vulnerability testing solution with Microsoft Defender for Cloud to provide Microsoft customers continuous API protection from design to runtime.


APIs are the core building block of every enterprise’s digital strategy, yet they are also the number one attack surface for hackers. 42Crunch makes developers’ and security practitioners' lives easier by protecting APIs, with a platform that automates security into the API development pipeline and gives full oversight of security policy enforcement at every stage of the API lifecycle.

Ready to Learn More?

Developer-first solution for delivering API security as code.