IT Pro Meetup (part 2) – Securing APIs

The second topic covered at the Burgas IT Pro Meetup was Securing RESTful APIs, presented by Zlatomir Haralambov. He is a senior software engineer at Codific, mainly involved in projects focussing on security. He said that some people may try to convince you that you can create a secure API within 10 minutes, but you shouldn’t get fooled. There is a lot that you have to keep in mind when you work on the security part of your project. You wouldn’t leave your car unlocked, so why would you do so with your data? Implementing and deploying APIs in a secure manner is essential, and Zlati showed us a few tips and tricks:

Mandatory use of HTTPS
Implementation of rate limits
Proper Authorization
Security Tokens in the Header and the Cookies
CSRF attacks protection
Enforcement of strict CORS policies
Cookies vs JWT vs Authorization headers

Check the video to see if you are missing something on Securing APIs. Stay protected, stay secure!

You can also check part 1 – Temple OS
