Securing APIs, IT PRO Meetup part2

IT Pro Meetup (part 2) – Securing APIs

The second topic covered in the Burgas IT Pro Meetup was Securing RESTful APIs by Zlatomir Haralambov. He is a senior software engineer at Codific, mainly involved in projects focussing on security. He said that some people may try to convince you that you can create a secure API within 10 minutes, but you shouldn't get fooled. There is a lot that you have to keep in mind when you work on the security part of your project. You wouldn't leave your car unlocked, so why would you do so with your data? Implementing and deploying APIs in a secure manner is essential, and Zlati showed us a few tips and tricks:

Mandatory use of HTTPS
Implementation of rate limits
Proper authorization
Security tokens in the header and the cookies
Protection against CSRF attacks
Enforcement of strict CORS policies
Cookies vs JWT vs Authorization headers

Check the video to see if you are missing something on Securing APIs. Stay protected, stay secure!

You can also check part 1 - Temple OS
