Preview Mode Links will not work in preview mode

Application Security Weekly (Audio)


Jan 10, 2023

Exposed secrets from CircleCI, web hackers target the auto industry, $100K bounty for making Google smart speakers listen, inspiration from Office Space, AWS making better defaults for S3, resources for learning Rust

 

This segment will discuss options for protecting your APIs. First, why protect them? Second, what are the options and the tradeoffs.

Segment Resources:

- https://stackoverflow.blog/2022/04/11/the-complete-guide-to-protecting-your-apis-with-oauth2/

- https://fusionauth.io/learn/expert-advice/

- https://fusionauth.io/learn/expert-advice/oauth/modern-guide-to-oauth

- https://oauth.net/2/

- https://tools.ietf.org/html/rfc6749

- https://datatracker.ietf.org/doc/id/draft-ietf-oauth-v2-1-07.html

- https://paseto.io

- https://securityboulevard.com/2021/11/biggest-api-security-attacks-of-2021-so-far/

 

Visit https://www.securityweekly.com/asw for all the latest episodes!

Follow us on Twitter: https://www.twitter.com/secweekly

Like us on Facebook: https://www.facebook.com/secweekly

 

Show Notes: https://securityweekly.com/asw225