etc.venues 360 Madison, New York
360 Madison Ave, New York, NY 10017
May 2025
300+
participants
200+
companies
15+
sessions
20+
speakers
CIOs, CTO, CDOs, SVPs, VPs, Heads of Innovation, Heads of API, API Architects, Developers, Software Engineers, Infrastructure & Cloud Managers, IT Managers, Product Managers, Consultants & Analysts
Learn from the best about Business Models, Design & Documentation, Lifecycle Management, Security & Identity Management, Testing & Monitoring, Banking APIs and Open Banking, Developer Marketing, Digital Transformation, GraphQL, Microservice Architecture, Mobile & IoT APIs
NORTH AMERICA / EMEA / APAC Amsterdam | Barcelona | Berlin | Helsinki | Jakarta | London | Melbourne | New York | Paris | San Francisco | Singapore | Sydney | Zurich
Since 2012, 50+ apidays conferences have been organised in 13 countries to cover Banking & Financial Services | Consulting | Energy | Healthcare & Life Science | IT & Technology | Manufacturing & Automotive | Media | Non-profit & Education | Public Sector | Retail | Transport & Hospitality
APISecure is the world’s first conference dedicated to API threat management; bringing together breakers, defenders, and solutions in API security. Never before has a conference been focused solely on teaching the tactics and techniques in hacking APIs to red teams and how to defend against them to blue teams. This conference will feature multiple tracks of curated content, each dedicated to offense and defense from some of the most well-known cybersecurity influencers and hackers in API vulnerability research.
Digital Strategist and Influencer
Digital Strategist and Influencer -
Brenton House is an ex-hacker, filmmaker, developer, architect, consultant, strategist, and now Digital Evangelist. Brenton House is known for his unique creative work on several hit YouTube series such as API Cybersecurity 101, API Cookery, and Breaking the Build. As an expert Digital Strategist, Brenton currently works as Vice President for Digital Evangelism at Software AG, a global leader in the API, Integration, and IoT space.
Author and Sr. Manager Pentest
Moss Adams
Author and Sr. Manager Pentest - Moss Adams
I am a senior manager of penetration testing consulting at Moss Adams. In addition, I am the best selling author of Hacking APIs and winner of the 2022 SANS Difference Makers Award for Book of the Year. In 2022, I helped create the APIsec University and released the API Penetration Testing course.
I have over thirteen years of experience working in IT and cybersecurity across several industries, including aerospace, agribusiness, energy, fintech, government services, and healthcare. In addition to a bachelor’s degree in English and philosophy from Sacramento State University, I hold the OSCP, CCISO, CEH, CISA, CISM, CRISC, and CGEIT industry certifications. I have had the pleasure of being the technical editor of the Kali Linux Pentest Bible (Wiley) and Black Hat GraphQL (No Starch Press).
VP of Security Research
Checkmarx
VP of Security Research - Checkmarx
I am the Head of Security Research at Checkmarx, a global leader in application security.
In this role, I lead the company’s security research efforts, overseeing and managing three teams (in two countries) of top-notch professionals - researchers, analysts, pen-testers, secure development engineers, and bounty hunters.
Building and leading this group of experienced defenders, attackers, and security researchers is quite a challenge. Still, it brings invaluable skills and knowledge vital for maintaining Checkmarx’s top-notch vulnerability detection technology and security education platform.
I am enthusiastic about my work and believe it makes a huge difference out there.“No one will protect what they don’t care about, and no one will care about what they have never experienced” - Sir David Attenborough
While I enjoy all aspects of my job, I think my favorite part is to be able to educate and raise security awareness. This brought me to found and lead the AppSec Village as part of DEF CON, lead several OWASP projects and give talks at global events and conferences like RSAC, DEF CON, and Black Hat.
Co-Founder & CTO
Escape
Co-Founder & CTO - Escape
Antoine is co-founder & CTO of Escape. Antoine is a former French National Secret Agency and Apple security engineer and penetration tester.
Co-founder and CEO
Escape
Co-founder and CEO - Escape
Tristan is co-founder & CEO @ Escape (GraphQL Security). He was a seasoned freelance developer and Machine Learning Researcher at UC Berkeley. He witnessed the API Security problem with his eyes while working for a customer. He saw an entire company database being stolen in 2018 through an API he developed himself.
Author of "Design and Build Great APIs", API Strategist & Advisor
amundsen.com, Inc.
Author of "Design and Build Great APIs", API Strategist & Advisor - amundsen.com, Inc.
An internationally known author and speaker, Mike Amundsen consults with organizations around the world on network architecture, Web development, and the intersection of technology & society. He works with companies large and small to help them capitalize on the opportunities provided by APIs, Microservices, and Digital Transformation. Amundsen has authored numerous books and papers. He contributed to the O’Reilly book, "Continuous API Management" (2018). His "RESTful Web Clients", was published by O’Reilly in February 2017 and he co-authored "Microservice Architecture" (June 2016). His latest book — "Design and Build Great APIs" — for Pragmatic Publishing, is scheduled for release in early 2020.
Distinguished Engineer, CTO IBM Security
IBM
Distinguished Engineer, CTO IBM Security - IBM
I am a technical executive with a PhD in Cybersecurity and a focus on security architecture for external clients.
- YouTube videos on cybersecurity with more than 3 million views
- Author of "Inside Internet Security: What Hackers Don't Want You to Know" (Addison-Wesley)
- Member of the inaugural class of the NC State University Computer Science Alumni Hall of Fame
- Contributing author to the "Information Security Management Handbook" Sixth Edition, Volume 7 (Auerbach)
- IBM Master Inventor
- Served on international assignment in Beijing
- Served as member of the NC State University Computer Science Strategic Advisory Board
- Member of the IBM Academy of Technology
- Presented at more than 100 conferences/seminars
- Over 40 years' experience in the IT industry
- Published articles on cryptography, virtual private networking, identity management, LDAP, password security and network security
- Served on editorial board for the "Information Management & Computer Security" research journal, NC State Univ Cyberlaw board, program committee for the International Network Conference
- Experience in software development as a programmer, designer and project leader
- Extensive experience in pre-sales consultative selling, security architecture development and vision setting
- Worked with clients in more than 40 countries across 6 continents
Global Head of Presales
42Crunch
Global Head of Presales - 42Crunch
Passionate about helping customers make good decisions in an increasingly digital world.
Special Knowledge Areas:API Protection, API Security, Innovation, Growth Engineering, REST API, Async API, Access Federation, Secure Mobile Connect, Secure Cloud Architectures, Payment
Co-Founder and CEO
Akto.io
Co-Founder and CEO - Akto.io
Ankita is the co-founder and CEO of Akto.io. Prior to Akto she has experience working in VMware, LinkedIn and JP Morgan. She holds MBA from Dartmouth College and Bachelors in Technology from IIT Roorkee. She is a past speaker at DefCon, BlackHat and various OWASP meetups and conferences.
Founder and Chairman of Apidays Conferences, Author of Continuous API Management
Apidays
Founder and Chairman of Apidays Conferences, Author of Continuous API Management - Apidays
Mehdi Medjaoui is the founder of APIdays conferences series worldwide, that he started in 2012 in Paris. He is highly involved in the API community and API Industry, and is a current author, lecturer, consultant and investor in the API space. In 2011 he co-founded OAuth.io, a SaaS OAuth API middleware for OAuth integration and implementation used by 40,000+ developers, that had been acquired in December 2017. His research involves publishing the API Industry Landscape and the yearly State of Banking APIs.
CTO
Layer7
CTO - Layer7
Francois is a Distinguished Engineer and CTO for API Management at Broadcom Software. Previously, Francois was a member of the Ping Identity Office of the CTO. An early adopter of service orientation, Francois specialized in the application of security in distributed systems. Notably, Francois was the first developer at Layer 7 Technologies where he was part of a team who developed a best of breed API security gateway technology which disrupted a category, and continues to be used by hundreds of enterprises today.
Principal Engineer, Platform Team Lead
Sanofi
Principal Engineer, Platform Team Lead - Sanofi
Being associated with the industry since 2012, I have worked as a Developer, Leader, Architect and now Principal Engineer to build, architect and improve solutions based on APIs and real time communication.
I have been thanked for my work around automation of processes allowing the companies to greatly increase the efficiency of their workflows while improving the developer experience and the quality in the final product. My colleagues know me as a good communicator who likes to use an interactive approach for understanding the requirements and solving problems of varied scope.Working with a plethora of roles - both technical and business - such as lead architect, staff engineer, project manager and CxO but also legal team I have been able to develop keen eyes for various technicalities which helped me in maximizing our products impact's for our customers.
Sr Developer Advocate | Solutions Architect
Yubico
Sr Developer Advocate | Solutions Architect - Yubico
I started my career as a web developer, quickly following in love with the end to end process from designing functional user experiences, scoping application interfaces, and the deployment/building of code.
From there, I moved into an Architecture role, where I got to play with interesting cutting edge technologies in the area of Artificial Intelligence. I had the great opportunity to work directly with Microsoft, Amazon, and newer start-ups to test their technologies for their applicability in a large enterprise like ExxonMobil.
From there I transitioned to become the Product Manager of the ExxonMobil Health Applications group. In February of 2020 I asked myself "There is no way this gig could be that hectic, right?". In March 2020 the COVID pandemic swept the US, forcing us into lockdown, leaving me to help guide the team through the "pandemic year".
Nowadays I'm at Yubico, where I've been helping to create guidance targeted at developers to help make their applications more secure through the use of WebAuthn.
When not online you can find me crate digging at record shops, front row at concerts (short problems), at theaters watching classic movies, or writing self-indulgent bios.
Co-Founder and CEO
StackHawk
Co-Founder and CEO - StackHawk
Joni is the CEO and co-founder of StackHawk. She has deep experience building products as a product leader in the DevOps ecosystem, including growing companies from seed through high growth and acquisition. Now, her primary focus is helping developers find and fix security bugs before they deploy to production and bringing security and developer teams together. When she's not in CEO mode, she loves to travel, try new foods, and enjoy time at home with her husband and two dogs, Q and Tokyo.
Co-Founder and CTO
Akto.io
Co-Founder and CTO - Akto.io
Ankush is the co-founder & CTO at Akto (https://www.akto.io). Prior to starting Akto he worked at CleverTap as VP of Engineering. He has also worked for 5 years as a Quant at Morgan Stanley. He has acquired US patents at Microsoft and at CleverTap.
PM
Layer7
PM - Layer7
- Proven leader guiding organizations in technical direction and enabling digital transformation
- 20+ years of experience in the software industry with a strong technical background
- Deep background in digital technologies including APIs, Cloud, Microservices, and Integration
- Balance of business understanding and technical expertise enables effective consultation and decision making
Customer Engineer
Layer7
Customer Engineer - Layer7
Globally experienced technologist that is always on the look out for the next generation of technology that is used to service the enterprise, mobile or internet based products and services. I am interested in all aspects of infrastructure from basic shared hosting to large scale automated data center design. Enjoy working with all levels of fellow technologists to solve complex issues and comfortable working with engineers or executives to build new business solutions.
As one of the founding members of Layered Tech we built the company from a 2 man operation 4+ years ago to the multimillion dollar global data center provider it is today. I have 10+ years of experience with startup's such as 3Tera, LT and others along with working at CA I have seen and experienced most everything you can when it comes to providing service and support at all levels from small local start up MSP to large scale GSP.
I have strong skills in all main stream operating systems, application architecture ( servers, DB, storage platforms, system messaging, API's, security, networking et), virtualization platforms and general data center design. Always on the look out for new ways to complete complex tasks with automation and virtualization technologies allowing us to eliminate human error allowing for higher levels of operational efficiency and overall performance.
I have 18 years of supporting global customers across a wide range of regions, time zones, cultures and customer bases from first world tier one telco providers in the US to up and coming service providers in south east Asia.
Chief Operating Officer
Data Theorem
Chief Operating Officer - Data Theorem
Doug Dooley is the Chief Operating Officer of Data Theorem. He heads up product strategy, marketing, sales, and customer success teams. Before joining Data Theorem, Dooley worked in venture capital leading investments of cloud-centric security, machine-learning, and infrastructure startups for Venrock. While at Venrock, Dooley served on the boards of Evident.io (Palo Alto Networks), Niara (HPE), and VeloCloud (VMware). Prior to Venrock, Dooley spent almost two decades as an entrepreneur and technology executive at some of the most innovative and market dominant technology infrastructure companies – ranging from large corporations such as Cisco and Intel to security and virtualization startups such as Neoteris, NetScreen, and RingCube. Earlier in his career, he held various management, engineering, sales, and marketing roles at Juniper Networks, Inktomi, and Nortel Networks. Dooley earned a B.S. in Computer Engineering from Virginia Tech.
Director
Data Theorem
Director - Data Theorem
Richard is a Director at Data Theorem. He works with security professionals and developers across different size organizations to better understand market trends and needs around mobile app security, mobile app fraud and API security. Before joining Data Theorem, Richard worked for Cisco Systems helping different organizations develop security solutions across many different areas of technology including network security, cloud security, data center security and identity management. Prior to Cisco Systems, Richard worked as an entrepreneur and technology influencer at collaboration leader TANDEBRG and virtualization startup RingCube Technologies. Richard earned a B.S. in Management Information Systems from San Jose State University.
Head of Product Management at SAST & Engines
Checkmarx
Head of Product Management at SAST & Engines - Checkmarx
• A decade+ of experience in designing and delivering world-class software products.
• Hands-on product development management.
• Managing the end-to-end lifecycle for products, for enterprise offerings.
• Experienced in agile methodologies for Product management.
• PRD, MRD, and technical document writing.
• Market analysis, Business cases, Product strategy, and Solution definition to multiple markets.
• Highly experienced in designing web user interfaces, and creating examples using wireframes and mock-ups (Figma, Balsamiq, Pencil).
• Manage Change Control procedures: Issue and track customer relations or additional scope and activities in the product with our internal R&D.
• Highly technical, professional, ambitious, dedication to work even in irregular hours with the US market.
• Team player, People person, and leader.
• Possess knowledge in various areas of technology, such as big data, AI, mobile devices, operating systems, monitoring solutions, etc.
SVP, Head of Data Aggregation Product
Fidelity Investments
SVP, Head of Data Aggregation Product - Fidelity Investments
Multi-dimensional global executive excelling at opportunities that need definition, vision, and Lean innovation. Strong track record for "building the right thing" as well as "building it right" by innovating differentiated customer experiences, products, websites, Agile, SRE and digital transformation, SOA and cloud modernization. Expertise in large scale solutions supporting Open Banking/Open Finance, supporting API developers and eco-systems, telco, financial services, contact center, Salesforce CRM, billing, BSS, network management and digital applications. Extensive accomplishments in Lean software/product delivery, transforming teams, products and strategy in start-ups to largest global companies.
VP of Engineering
StackHawk
VP of Engineering - StackHawk
Dan Hopkins is the VP of engineering at StackHawk. He has experience building engineering teams from 0 to big, managing architecture and design, and establishing evolving development processes. His personal philosophy is to develop teams first and then software. Away from the keyboard, he loves skiing, camping, playing the piano, and reading (and can provide a book reference for just about any topic). And yes, he’s a Colorado local; of course, his favorite time to be out driving is when it’s dumping powder.
Field CISO & Customer Advocate
F5
Field CISO & Customer Advocate - F5
Chuck Herrin is Field CISO & Customer Advocate at F5. He joined the company through the acquisition of Wib Security, where he held the position of CTO.
In the 20 years prior to Wib, Chuck held a variety of CISO and technology leadership roles, including EVP and CISO for Texas Capital Bank and end to end responsibility for Security, Risk, and Compliance for AIG’s Consumer Group.
Chuck is passionate about security and particularly interested in emerging threats and the rise of generative AI, microservices, and APIs in modern applications
Sr. Cyber Security Solutions Architect
F5 API Security
Sr. Cyber Security Solutions Architect - F5 API Security
Peter has over 25 years of experience in the software industry with another decade before that as an amateur programmer. Peter has spent the last 15 years in the world of web application development and application security. As an independent consultant, Peter spent time developing solutions for securing network and application access for Fortune 1000 and security conscious government organizations. Peter currently works with F5 Networks as a Cyber Security Solutions Architect where he focuses on security opportunities across North America, specializing in DDoS, SSL Intercept/Visibility and Web Application Firewall cases
Head of Product for Export Aggregation
Chase
Head of Product for Export Aggregation - Chase
Successful and proven leader with product vision and strong ability to lead teams to deliver on roadmaps. Extensive experience managing technology delivery specifically in building APIs and big data strategies. Excellent people and organization management skills. Top-tier consulting experience.
Currently Head of Product for Export Aggregation for Connected Banking (open banking) at Chase, leading Digital platforms across API strategy, consumer data sharing and partnerships with Third Parties and FinTechs.
VP, Data Governance & Privacy Engineering
Capital One
VP, Data Governance & Privacy Engineering - Capital One
Results-driven & strategic thinking technology executive and serial entrepreneur focused on driving innovation and industry-wide disruption while leveraging data products and big data analytics. Diverse experience and background in Fintech, AdTech, Healthcare, and Media with lived experiences in all phases of growth from seed-startup to global enterprise scale.
Founding Director, MIT Internet Policy Research Initiative & Research Scientist
MIT
Founding Director, MIT Internet Policy Research Initiative & Research Scientist - MIT
Specialties: Internet Public Policy: privacy, freedom of expression, cybersecurity, AI Policy, patents and copyright
Patents and Standards
Open source and internet standards
Semantic Web
Senior Vice President Data Access, Open Banking
Mastercard
Senior Vice President Data Access, Open Banking - Mastercard
Accomplished financial services & payments executive who excels in driving strong business results through innovative product development, creative problem solving and by cultivating high performing teams. Proven track record of end-to-end execution, taking a concept from strategy through to product launch.
Room: Venture 3
Founder and Chairman of Apidays Conferences, Author of Continuous API Management - Apidays
APISecure ConferenceRoom: Venture 3 & 2
|
---|
9:30 am
Adversarial AI: Lying chatbots, deep fakes and more
Jeff Crume
Distinguished Engineer, CTO IBM Security - IBM
9:30 am
Adversarial AI: Lying chatbots, deep fakes and moreJeff Crume
Distinguished Engineer, CTO IBM Security - IBM
9:55 am
Putting AI into API Security
Corey Ball
Author and Sr. Manager Pentest - Moss Adams
9:55 am
Putting AI into API SecurityLarge Language Models are becoming more important for all aspects of APIs. I will demonstrate how an AI-driven approach to security can help identify weaknesses and test APIs at scale. This presentation will explore the application of AI for enhancing the effectiveness, quality, and efficiency of API security testing. Corey Ball
Author and Sr. Manager Pentest - Moss Adams
10:20 am
Post-Quantum API Security: Preparing your APIs for Q-day
Francois Lascelles
CTO - Layer7
10:20 am
Post-Quantum API Security: Preparing your APIs for Q-dayQuantum computing seems like a distant-future technology, but if you consider the pace of enterprise modernization, the quantum threat may be just around the corner - and APIs are a primary target. When is Q-day exactly? Nobody knows yet, but equally unknown is the scale of the corrective measures that will be required of your API infrastructure. Francois Lascelles
CTO - Layer7
10:45 am
APISecOps Culture : Fireside chat discussion with Jean Burelier, Tech Lead Platform Team and Brenton House
Jean Burellier
Principal Engineer, Platform Team Lead - Sanofi
Brenton House
Digital Strategist and Influencer
10:45 am
APISecOps Culture : Fireside chat discussion with Jean Burelier, Tech Lead Platform Team and Brenton HouseJean Burellier
Principal Engineer, Platform Team Lead - Sanofi Brenton House
Digital Strategist and Influencer |
APISecure ConferenceRoom: Venture 3
|
APISecure ConferenceRoom: Venture 2
|
---|---|
11:35 am
LLM API Security
Ankita Gupta
Co-Founder and CEO - Akto.io
Ankush Jain
Co-Founder and CTO - Akto.io
11:35 am
LLM API SecurityIn this session, we will talk about API security of LLM APIs, addressing key vulnerabilities and attack vectors. The purpose is to educate developers, security teams, API designers, architects and organizations about the potential security risks when deploying and managing LLM APIs. Ankita Gupta
Co-Founder and CEO - Akto.io Ankush Jain
Co-Founder and CTO - Akto.io
12:00 pm
API Secret Tokens Exposed: Insights from Analyzing 1 Million Domains
Tristan Kalos
Co-founder and CEO - Escape
Antoine Carossio
Co-Founder & CTO - Escape
12:00 pm
API Secret Tokens Exposed: Insights from Analyzing 1 Million DomainsJoin Escape's co-founder and CTO, Antoine Carossio, together with co-founder and CEO, Tristan Kalos, for insights on critical risks from exposed API tokens. Their groundbreaking research, analyzing 1 million domains, uncovered 18,000+ API tokens and RSA keys accessible without authentication. 41% were highly critical. Tristan Kalos
Co-founder and CEO - Escape Antoine Carossio
Co-Founder & CTO - Escape
12:20 pm
From API Security to AI Security - The Solution or the Problem?
Erez Yalon
VP of Security Research - Checkmarx
12:20 pm
From API Security to AI Security - The Solution or the Problem?In an era where APIs define the digital ecosystem, securing them against evolving cyber threats has become paramount. Just as the industry began to adapt to the intricacies of API security, the sudden introduction of AI into our digital lives has presented a new frontier of opportunities and challenges. Erez Yalon
VP of Security Research - Checkmarx
12:45 pm
Passkeys: Developing APIs to enable passwordless authentication
Cody Salas
Sr Developer Advocate | Solutions Architect - Yubico
12:45 pm
Passkeys: Developing APIs to enable passwordless authenticationIt's a common occurrence to open the news and hear of another data breach, ransomware attack, or other forms of cyber crime. At the root of almost every incident is a compromised credential. Passwords, and legacy forms of multi factor authentication, have been the defacto standard in authentication for decades, but ultimately have failed in protecting user accounts. Cody Salas
Sr Developer Advocate | Solutions Architect - Yubico |
11:35 am
The Four Pillars of API Security: Layer7 - A Comprehensive API Security InfrastructureAPISecure Workshop by Broadcom
Francois Lascelles
CTO - Layer7
Greg Thompson
PM - Layer7
Jeremy Suo-Anttila
Customer Engineer - Layer7
11:35 am
The Four Pillars of API Security: Layer7 - A Comprehensive API Security InfrastructureAPISecure Workshop by Broadcom Deep dive into the infrastructure that controls access to APIs based on four pillars of security; real time security and integration, API Ops at Scale, API Management, and API intelligence. We will explore how these pillars combine to provide an effective and comprehensive solution for large-scale API security. Francois Lascelles
CTO - Layer7 Greg Thompson
PM - Layer7 Jeremy Suo-Anttila
Customer Engineer - Layer7
12:20 pm
Learn GraphQL Security: Process, Tools, & ExamplesAPISecure Workshop by Akto
Ankita Gupta
Co-Founder and CEO - Akto.io
Ankush Jain
Co-Founder and CTO - Akto.io
12:20 pm
Learn GraphQL Security: Process, Tools, & ExamplesAPISecure Workshop by Akto GraphQL Security workshop is for API developers and application security teams, focusing on practical security checks of GraphQL APIs. Participants will gain insights from hands-on experience with the Damn Vulnerable GraphQL Application (DVGA). Ankita Gupta
Co-Founder and CEO - Akto.io Ankush Jain
Co-Founder and CTO - Akto.io |
APISecure ConferenceRoom: Venture 3
|
APISecure ConferenceRoom: Venture 2
|
---|---|
2:00 pm
APIs with ChatGPT 4-Turbo and Attack Path Visualization
Doug Dooley
Chief Operating Officer - Data Theorem
2:00 pm
APIs with ChatGPT 4-Turbo and Attack Path VisualizationChatGTP-4 Turbo powers a new class of Enterprise AI assistances. The fuel that powers these new AI assistants is large quantities of data from APIs in the cloud. Doug Dooley
Chief Operating Officer - Data Theorem
2:25 pm
Unlock Shift Left: Right Teams, Right Tools, Fixed Problems
Joni Klippert
Co-Founder and CEO - StackHawk
2:25 pm
Unlock Shift Left: Right Teams, Right Tools, Fixed ProblemsTo match the pace of API-driven development, it’s essential to implement a proactive approach to security testing. However, organizations struggle despite a strong desire to integrate security into software delivery cycles effectively. Joni Klippert
Co-Founder and CEO - StackHawk
2:50 pm
You’ve Had an API Breach, Now What?
Axel Grosse
Global Head of Presales - 42Crunch
2:50 pm
You’ve Had an API Breach, Now What?Axel Grosse
Global Head of Presales - 42Crunch
3:15 pm
Your Defense Must Be Informed by the Offense: API Attack Patterns, the Rise of AI, and What Defenders Need to Know
Chuck Herrin
Field CISO & Customer Advocate - F5
Corey Ball
Author and Sr. Manager Pentest - Moss Adams
3:15 pm
Your Defense Must Be Informed by the Offense: API Attack Patterns, the Rise of AI, and What Defenders Need to KnowAttacks on API endpoints are now over 90% of attacks seen by F5, and many defenders are not aware of how API attacks differ from the attacks your WAF was built for. Chuck Herrin
Field CISO & Customer Advocate - F5 Corey Ball
Author and Sr. Manager Pentest - Moss Adams |
2:00 pm
Powering DevSecOps With DevSecTrustAPISecure Workshop by Checkmarx
Yossi Rifold
Head of Product Management at SAST & Engines - Checkmarx
2:00 pm
Powering DevSecOps With DevSecTrustAPISecure Workshop by Checkmarx DevSecOps has been around the industry for over a decade now and has ridden the hype cycle into accepted best practice —but best practice doesn’t mean easy. Yossi Rifold
Head of Product Management at SAST & Engines - Checkmarx
2:50 pm
Beyond Red, Yellow and Green, Bringing Context to API SecurityAPISecure Workshop by Data Theorem
Richard Smith
Director - Data Theorem
2:50 pm
Beyond Red, Yellow and Green, Bringing Context to API SecurityAPISecure Workshop by Data Theorem As the need for an API Security program continues to grow, organizations are seeing new challenges emerge. Richard Smith
Director - Data Theorem |
APISecure ConferenceRoom: Venture 3
|
The New Banking API StackRoom: Venture 2
|
---|---|
4:05 pm
Panel Discussion: Open Banking Frameworks for Secure Data Sharing
Figen Ceceli
SVP, Head of Data Aggregation Product - Fidelity Investments
Kathy Wong
Head of Product for Export Aggregation - Chase
Awah Teh
VP, Data Governance & Privacy Engineering - Capital One
Danny Weitzner
Founding Director, MIT Internet Policy Research Initiative & Research Scientist - MIT
Shekhar Sahgal
Senior Vice President Data Access, Open Banking - Mastercard
4:05 pm
Panel Discussion: Open Banking Frameworks for Secure Data SharingTo align with new open banking policy proposals, technology integrations that enable secure data sharing are top of mind for many in the industry, from financial institutions to security experts to fintechs. This panel is a cross-section of leaders across the industry sharing different perspectives on: Figen Ceceli
SVP, Head of Data Aggregation Product - Fidelity Investments Kathy Wong
Head of Product for Export Aggregation - Chase Awah Teh
VP, Data Governance & Privacy Engineering - Capital One Danny Weitzner
Founding Director, MIT Internet Policy Research Initiative & Research Scientist - MIT Shekhar Sahgal
Senior Vice President Data Access, Open Banking - Mastercard
4:45 pm
A Journey through API SecurityAPISecure Workshop by F5 API Security
Peter Scheffler
Sr. Cyber Security Solutions Architect - F5 API Security
4:45 pm
A Journey through API SecurityAPISecure Workshop by F5 API Security Take a real-world look at some dangerous and common API exploits, highlighting practical techniques for protecting your most critical digital assets. Peter Scheffler
Sr. Cyber Security Solutions Architect - F5 API Security |
4:05 pm
Test driven API security: From API Discovery to tested Web APIsAPISecure Workshop by StackHawk
Dan Hopkins
VP of Engineering - StackHawk
4:05 pm
Test driven API security: From API Discovery to tested Web APIsAPISecure Workshop by StackHawk You can't secure what you don't know about. First you need to understand your API and web application attack surface and then put effective security coverage in place. Dan Hopkins
VP of Engineering - StackHawk |