Defending APIs

Uncover advanced defense techniques to craft secure application programming interfaces

By: Colin Domoney

Write A Review

eText | 9 February 2024 | Edition Number 1

At a Glance

Format
ePUB

eText

$54.99

or 4 interest-free payments of $13.75 with

Instant online reading in your Booktopia eTextbook Library *

Why choose an eTextbook?

Instant Access *

Purchase and read your book immediately

Read Aloud

Listen and follow along as Bookshelf reads to you

Study Tools

Built-in study tools like highlights and more

* eTextbooks are not downloadable to your eReader or an app and can be accessed via web browsers only. You must be connected to the internet and have no technical issues with your device or browser that could prevent the eTextbook from operating.

Get up to speed with API security using this comprehensive guide full of best practices on how to build safer and secure APIs

Key Features

Gain a deep understanding of the inner working of APIs with a sharp focus on security
Learn the tools and techniques of API security testers and hackers by building your own hacking laboratory
Master the art of building rugged APIs with shift-left and shield-right approaches covering the API lifecycle

Book Description

API adoption continues to grow exponentially, but with it, so do security concerns about their implementation and inherent vulnerabilities. If you want to learn more about building, deploying, and managing APIs as your company's first line of cyber defense, then this book is for you. Written by a DevSecOps expert with a wealth of experience, API Security: Attack and Defense Techniques meets the needs of tackling API security with innovative approaches and techniques designed to tackle API-specific safety concerns.

The opening chapters are dedicated to API building blocks, hacking APIs using vulnerabilities, and case studies of recent breaches, while the rest of the book focuses on helping you build the skills needed to secure APIs in practice. Through step-by-step instructions, you'll learn offensive methods for testing vulnerabilities, attacking, and exploiting APIs. Then you'll switch sides and learn about effective defense techniques to secure against common attacks. There are plenty of case studies peppered throughout the book to help you apply the techniques you're learning in practice, alongside in-depth insights and plenty of best practices that will help you build better APIs from the ground up.

By the end of this book, you'll be able to build secure APIs and test them for various API cyber threats.

What you will learn

Explore the core elements of APIs and how they're used in combination to build APIs
Understand the OWASP API Security Top 10 and the root causes of insecure APIs
Gain real-world insight into recent high profile API security breaches with practical examples and analysis
Dive into offensive techniques by learning how to exploit APIs for learning or bug bounty programs
Use shift-left approaches to build APIs that are secure-by-design
Learn how to defend against common API vulnerabilities across several frameworks and languages like .NET, Python, Java, and others

Who This Book Is For

This book is for API developers, software architects, blue-teams, or anyone who wants to get a solid grasp of building secure APIs and microservices. This book is also for pen-testers, bug bounty hunters, and red-teams wanting to understand tools and methods for attacking and exploiting APIs You'll need basic knowledge of software and security to understand the attack vector and defensive techniques explained in the book, but aside from that, you'll get by with a thorough understanding of API security.