sacon - api security (suhas desai)
Post on 21-Jan-2018
1.354 Views
Preview:
TRANSCRIPT
SACON
SACONInternational2017
SuhasDesaiAujas
VP– DigitalSecurity@desai_suhas
India|Bangalore|November10– 11|HotelLalit Ashok
APIEconomy:Trends,Risks&SecurityGovernance
SACON 2017
Trends– BankRobots
SACON 2017
Trends– TelematicsInsurance
SACON 2017
Trends– ArtificialIntelligence
SACON 2017
Trends– DigitalIndia&Aadhaar
SACON 2017
Trends– APIBanking
SACON 2017
Quiz
main(){int i=7;printf(“%d”,i++*i++);
return0;
}
SACON 2017
236358
477 552 625 658
2015 2016 2017 2018 2019 2020
APIManagementMarketSize- US($m)
Top10Trends&Predictionsfor2017
SACON 2017
API API Management Platforms API Banking
An ApplicationProgrammingInterface (API)isAset
of routine definitions,protocols,andtoolsforbuilding softwareand
applications. (Source:Wikipedia)
ManagesAPIlifecycle.Itistheprocessofpublishing,promotingandoverseeingAPIsinasecure,scalableenvironment.
APIBankingenablesdigitisationoftheB2Bsupplychain.ItallowsorganisationsERPandB2BsystemstointegratewithBankspayment
Systems.
WhatisAPIsandAPIManagementPlatforms?
SACON 2017
APIBankingInitiative
SACON 2017
Why we need API Security
Digitalbusinessesexperiencinghackersattentiontoexploremonetarybenefitsbyexploiting:
§ AuthenticationModuleIntegrations
§ APIIntegrationswithGateways
§ APIMessageCryptography
§ GovernanceissuesinAPIEconomy
§ WeakCommunicationChannels
§ InsecureAPIPlatformImplementations
§ GovernanceissuesinAPIandCryptoKeys
During digital initiatives, organizations opens its APIs and APImanagement platforms. There are possibilities to haveunauthorized access to these exposed APIs during various insecureintegrations
WhyweneedAPISecurity?
SACON 2017
APIinDigitalChannels- ArchitectureandSecurityRiskAreas
SACON 2017
SecureAPILifeCycleManagement
SACON 2017
SecureGovernance
SACON 2017
• HappyAPIEconomy!
• SecureAPIIntegrations
• APIManagementPlatforms
• SecureGovernance
Summary
top related