Is it the OWASP API Security Top 10, or just 5?

Featuring

  • Harness

About This Webinar

Security teams face many challenges with API uniqueness and distribution in cloud environments, particularly with the rise of AI/ML and Generative AI services.

The OWASP API Security Top 10 is often an organization's starting point, but five of its risks are common gaps in security programs and in the API security tools those programs rely on. Organizations need context-aware, multi-tiered security to safeguard their API-centric and AI-native applications.

  1. Host: Mackenzie Putici, Webinar Moderator, Future B2B
  2. Featuring: Mike Isbitski, Principal Product Marketing Manager, Harness

What You'll Learn

  1. Five OWASP API security risks cause heartburn: Broken Object Level Authorization (API1), Broken Object Property Level Authorization (API3), Broken Function Level Authorization (API5), Improper Inventory Management (API9), and Unsafe Consumption of APIs (API10) are frequent gaps for organizations and the tools they use.
  2. Hybrid positioning is crucial: Effective mitigation requires application-level controls to address the unique business logic and distributed nature of APIs. Traditional edge- and perimeter-based security controls alone are insufficient for AI-native applications.
  3. Protection must be tailored to business logic: Security measures must be specifically designed to prevent manipulation of each API's business logic, APIs must be continuously documented, and third-party API consumption must be closely monitored.