Enterprises
Individuals
Enterprises
Individuals
Menu
Menu
Sign in
Product
Solutions
Pricing
Resources
Learn
Hands-on Labs
Courses
Learning Journeys
Challenges
Cloud Sandboxes
Playgrounds
Measure
Assessments
Tournaments
Certifications
Reports
Integrate
SCORM & LTI
SSO & SCIM
Our Learning Platform
Get Started Today
Book a demo
Get free trial
Contact us
Industries
Manufacturing
Government
Finance
Technology
Healthcare
Defense
Retail
Teams
C-suite
Security Teams
Engineering Teams
For L&D
We’ll help you
Achieve ROI
Achieve Compliance
Reduce Risk
Measurable Increase in Skills
Instructor Led Training
Success Stories
View all
View Enterprise Plans
Resources
E-books
Case studies
Webinars
Blog
Support
AppSecEngineer 101 Guide
Help Center
Discord
Teams
For C-suite
For Engineering Teams
For Product Teams
For L&D
What’s New
View all
How to Protect Your Organization from AI Threats Using Role-Based Security Training
Are Your Management Practices Pushing Your Security Team to the Brink?
X
X
X
Intermediate

API Security: Attack and Defense

Step into the Spotlight with AppSec Expertise: Use coupon ‘SKILLUP30’ and get 30% Off on Individual Pro Annual Plans.
Learning Path
Advanced Application Security
Ideal for
Developer
Security Engineer
Pentester
9
Hours
28
Lessons
7
Cloud Labs

“Distributed” is the name of the game today, and web applications are no different. They’re often divided up into smaller ‘microservices’ and work with multiple clients, from browsers and mobile applications to other services.

This has resulted in many older websites becoming APIs, or Application Programming Interfaces. Today, APIs are ubiquitous and companies are adopting, developing, and harnessing their potential at massive scale.

In this API Security course, we take a deep-dive into both offensive and defensive techniques. We explore vulnerabilities that are specific to Web APIs, specifically REST APIs, and look at how these vulnerabilities can be exploited by malicious actors.

Subsequently, we look at defense, where we explore deep-rooted strategies in addressing these vulnerabilities comprehensively. All of these lessons will be taught with the aid of our world-renowned hands-on labs that show you not only what you should do, but how you should do it.

We’ll explore this class through the lens of the now-famous OWASP API Security Top 10 Document that defines the Top 10 API Vulnerabilities that currently affect Web APIs.

Get STARTED

You might also like these courses

JWT Jiu-Jitsu

OAuth and OIDC Essentials

Secrets Management with Hashicorp Vault

Or explore these Learning Paths

AI & LLM Security
Google Cloud Security
Threat Modeling
Kubernetes Security
DevSecOps
Container Security
Azure Security
AWS Security
Advanced Application Security
Application Security Essentials

Labs

PK-based IDOR

Verb Tampering

IDOR Mass Assignment

Casbin with ACL

Input Validation - Request filter

JSONSchema

Excessive Data Exposure

Course Content

Ready to Elevate Your Security Training?

Empower your teams with the skills they need to secure your applications and stay ahead of the curve.
Get Our Newsletter
Get Started
X
X
QUICK LINKS
Sign InSign UpPrivacy Policy
E-BOOKS
Beginner's Guide to
a Career in AppSecTrain your Teams to Fly
FOLLOW APPSECENGINEER
CONTACT

Contact Support

help@appsecengineer.com

68 Circular Road, #02-01, 049422, Singapore

Copyright AppSecEngineer © 2023