EP62 Protect Modern Applications in the Cloud: Union of APIs and Application Security

Guest: • Etienne De Burgh (  / etienne-de-burgh-14b91245  ) , Senior Security and Compliance Specialist, Office of the CISO @ Google Cloud Topics: • Why is API security hot now? What happened that made it a priority for many? • Is API security different from application security? Doesn't the first "A" in API stand for application? • What are the real threats to exposed APIs? • APIs are designed for automated use, so how do you tell automated (https://patents.google.com/patent/EP3...) use from automated abuse / attack? • What are the biggest challenges that companies are having with API security? • What are the components of API security? Is there a "secure by default API"? API threat detection? • Just like cloud in general, API misconfigurations seem to be leading to security problems, are APIs hard to configure securely for most organizations? Resources: • Google Cloud Security Summit (https://cloudonair.withgoogle.com/eve...) - come see us on May 17, 2022 • "Securing web applications and APIs anywhere" (https://cloudonair.withgoogle.com/eve...) (at our Security Summit (https://cloudonair.withgoogle.com/eve...) ) • OWASP Top 10 for API Security (https://owasp.org/www-project-api-sec...) • "Best practices for securing your applications and APIs using Apigee" (https://cloud.google.com/architecture...)