March 14 & 15, 2023

500+
attendees

300+
companies

40+
sessions

50+
speakers

APISecure is powered by

Apidays logo 2023 version

&

WHY JOIN APISECURE WHAT IS APISECURE?

Be a part of the world’s first and only API security conference

APIsecure is the most influential event in API security — the proving ground for API security solutions and capacity building in hacking and defending APIs.This is where the world’s API security unicorns collaborate and network with end-users and decision makers in API security, owned and produced by Knight Events and apidays.

1800+ past attendees

CIOs, CTO, CDOs, SVPs, VPs, Heads of Innovation, Heads of API, API Architects, Developers, Software Engineers, Infrastructure & Cloud Managers, IT Managers, Product Managers, Consultants & Analysts

100+ speakers

Learn from the best about Business Models, Design & Documentation, Lifecycle Management, Security & Identity Management, Testing & Monitoring, Banking APIs and Open Banking, Developer Marketing, Digital Transformation, GraphQL, Microservice Architecture, Mobile & IoT APIs

A global community

NORTH AMERICA / EMEA / APAC Amsterdam | Barcelona | Berlin | Helsinki | Jakarta | London | Melbourne | New York | Paris | San Francisco | Singapore | Sydney | Zurich

800+ companies

Since 2012, 50+ apidays conferences have been organised in 13 countries to cover Banking & Financial Services | Consulting | Energy | Healthcare & Life Science | IT & Technology | Manufacturing & Automotive | Media | Non-profit & Education | Public Sector | Retail | Transport & Hospitality

APISecure is the world’s first conference dedicated to API threat management; bringing together breakers, defenders, and solutions in API security. Never before has a conference been focused solely on teaching the tactics and techniques in hacking APIs to red teams and how to defend against them to blue teams. This conference will feature multiple tracks of curated content, each dedicated to offense and defense from some of the most well known cybersecurity influencers and hackers in API vulnerability research.

APISecure was co-founded by Alissa Knight, a renowned API hacker who’s literally writing the book on hacking APIs and who published some of the most widely known and controversial research papers in hacking passenger vehicles, financial services, fintech, and healthcare APIs over the last decade.

2023 SPEAKER LINEUP

Dr. Katie Paxton-Fear

Lecturer in Cyber Security, Speaker & Ethical Hacker

Gabrielle Botbol

Ethical Hacker | Award-winning Pentester | Artemis Red Team | Board Member | Speaker | Mentor

Corey Ball

Published Author of Hacking APIs

Inon Shkedy

Co-Author of OWASP API Security Top 10

Elizabeth Ramirez

Manager, Community Operations at Cobalt

Vaishali Nagori

Security Researcher at Appknox

Tushar Kulkarni

Creator of vAPI, Graduate student at Indiana University

Jose Palafox

Director of Business Development at GitHub

Natalee Webb

Senior Program Manager at GitHub

David Linthicum

Chief Cloud Strategy Officer at Deloitte Consulting

Yoshiyuki Tabata

Software Engineer at Hitachi, Ltd.

Carolina Ruiz

CEO at Brier & Thorn

John Moehrke

Co-Chair, Security Working Group, Health Level 7 International (HL7)

Shannon Wilkinson

Cybersecurity Founder | Women in Technology & STEM Advocate | Keynote Speaker | Board Member & Advisor

Alissa Knight

Partner at Knight Group

Topher Marie

CTO and Cofounder at Strata Identity

Brenton House

VP, Digital Evangelism at Software AG

Arik Atar

Threat Intelligence Researcher at Human Security

Parth Shukla

Security Analyst at Cequence Security

Harish Kumar

Professional Cloud Architect at Google Cloud

Michael McCabe

President at Cloud Security Partners

Warren Parad

CTO at Rhosys AG

Michael Taggart

Senior Cybersecurity Researcher at UCLA Health Sciences

Brian Joe

Co-Founder, Product at Impart Security

Melissa Knight

Partner at Knight Group

Andy Hornegold

Product Lead at Intruder

Aris Giannopoulos

Full-Stack Web Developer at Kodiklab

Cherish Santoshi

Sr. Developer Relations Engineer at Orkes

Edmund Olson-Morgan

Core API and Innovation Lead at Marsh McLennan

Emil Pasca

Ph.D Student at Technical University of Cluj Napoca

Gabriel L. Manor

Director of DevRel at Permit.io

Giora Engel

CEO at Neosec

Kuldeep Pisda

Backend Engineer cum SRE, Goldcast Inc

Leo Juszkiewicz

Security Researcher at Palo Alto Networks

Meenakshi Kaushik

Leader - Product Management at Cisco

Nir Paz

Product Management at Standard.ai

Pieter Philippaerts

Research Manager at KU Leuven - DistriNet

Sagar Bhure

Security Engineer at F5

Mehdi Medjaoui

Founder & Chairman of apidays

Sean Falconer

Head of Developer Relations and Marketing at Skyflow

Swapnil Deshmukh

CTO at Certus Cybersecurity Solutions LLC

Tom Zahov Zaubermann

Founder & CEO at Zyberum GmbH

Sean Falconer

Head of Developer Relations and Marketing at Skyflow

Ian Douglas

Senior Developer Advocate at Postman

Rahul Dhawan

Senior Security Engineer at Postman

Jeremy Snyder

Founder and CEO of FireTail

SCHEDULE DETAILS Explore the Agenda

Timezone

(GMT+8)

Apidays APIsecure

The world's first and only API security conference

  • 9:00 am
  • Welcome and Opening Remarks
  • Alissa Knight, Partner at Knight GroupMelissa Knight, Partner at Knight GroupMehdi Medjaoui, Author, Founder and Chairman of apidays conferences

  • 9:15 am
  • Your Technical Debt is My Bug Bounty - Some fun hacker stories and the future of API hacking
  • Dr. Katie Paxton-Fear, Lecturer in Cyber Security, Speaker & Ethical Hacker

  • 10:15 am
  • Networking/Expo

Red Track

Blue Track

Purple Track

Solutions Track

Red Track

10:45 am

Android Applications and API Hacking

Gabrielle Botbol, Ethical Hacker | Award-winning Pentester | Artemis Red Team | Board Member | Speaker | Mentor

11:45 am

Machine Learning in API Security

Sagar Bhure, Security Engineer at F5

Blue Track

10:45 am

Security Considerations for API Gateway Aggregation

Yoshiyuki Tabata, Software Engineer at Hitachi, Ltd.

11:45 am

Securing API Credentials on GitHub.com

Jose Palafox, Director of Business Development at GitHubNatalee Webb, Senior Program Manager at GitHub

Purple Track

10:45 am

The Present and Future of OWASP API Security Top 10

Inon Shkedy, API Security Project Leader at OWASP

11:45 am

Discovery is the Starting Point for Defending APIs

Giora Engel, CEO at Neosec

Solutions Track

11:45 am

Automatically securing your APIs thanks to a shared security model between Business and Engineering

Jean Burellier, Tech Lead Platform Team at Sanofi

  • 12:45 pm
  • Networking/Expo

Red Track

Blue Track

Purple Track

Solutions Track

Red Track

1:15 pm

Escape Workshop: "Discovering GraphQL Vulnerabilities in the Wild

Antoine Carossio, Co-Founder & CTO @ EscapeTristan Kalos, Co-Founder & CEO @ Escape

2:15 pm

Beyond Vuln Management: How Adding Offensive Methodology Made Our APIs More Secure.

Michael Taggart, Senior Cybersecurity Researcher at UCLA Health Sciences

3:15 pm

Expanding Your Application Security: Integrating CNAPP and API Security

Meenakshi Kaushik, Leader – Product Management at Cisco

4:15 pm

Enhancing API Security with Runtime Secrets & Attestation

Ted Miracco, CEO of Approov Mobile Security

Blue Track

1:15 pm

The Power of Gates AND Guardrails

Brian Joe, Co-Founder and Head of Product at Impart Security

2:15 pm

AI in API Security

Carolina Ruiz, CEO at Brier & Thorn

3:15 pm

API Security - doing more with less.

Nir Paz, Product Management at Standard.ai

4:15 pm

Exploring Advanced API Security Techniques and Technologies

Sudhir Chepeni, Director Products and Technology at Akamai

Purple Track

1:15 pm

Learning from a decade of API breaches and why application-centric security is the right path

Jeremy Snyder, Founder and CEO of FireTail

2:15 pm

I KNOW WHAT YOU(r APIs) DID LAST SUMMER – Understanding and Identifying Threats Against APIs

Shannon Wilkinson, Cybersecurity Founder | Women in Technology & STEM Advocate | Keynote Speaker | Board Member & Advisor

Solutions Track

1:15 pm

OAuth, OIDC and protecting third-party credentials

Edmund Olson-Morgan, Core API and Innovation Lead at Marsh McLennan

4:15 pm

Structuring Security Forward

Megan Bell, Accomplished Cybersecurity, Privacy and Compliance Executive

  • 5:15 pm
  • API First Hacking
  • Corey Ball, Published Author of Hacking APIs

  • 6:15 pm
  • Closing Remarks
  • 6:30 pm
  • Movie Knight: Scorched Earth
  • 9:00 am
  • Welcome and Opening Remarks
  • Alissa Knight, Partner at Knight GroupMelissa Knight, Partner at Knight GroupMehdi Medjaoui, Author, Founder and Chairman of apidays conferences

  • 9:15 am
  • Breaking Vulnerable APIs
  • Tushar Kulkarni, Creator of vAPI, Graduate student at Indiana University

  • 10:15 am
  • Networking/Expo

Red Track

Blue Track

Purple Track

Solutions Track

Red Track

10:45 am

Vaishali's Guide to Hacking APIs

Vaishali Nagori, Security Researcher at Appknox

11:45 am

Princess of Thieves: How I Hacked 50 Banks

Alissa Knight, Partner at Knight Group

Blue Track

10:45 am

The emerging love triangle of API, Credential Stuffing, & Financial fraud

Arik Atar, Threat Intelligence Researcher at Human Security

Purple Track

10:45 am

Securing your APIs with multi-facet contract testing

Ian Douglas, Senior Developer Advocate at Postman

Solutions Track

10:45 am

Workshop: Detect OWASP vulnerabilities in your APIs with Postman

Rahul Dhawan, Senior Security Engineer at Postman

11:45 am

What if privacy had an API?

Sean Falconer, Head of Developer Relations and Marketing at Skyflow

  • 12:45 pm
  • Networking/Expo

Red Track

Blue Track

Purple Track

Solutions Track

Red Track

1:15 pm

How to abuse Terraform to elevate access

Michael McCabe, President at Cloud Security Partners

2:15 pm

Learn how to attack and mitigate vulnerabilities in GraphQL

Parth Shukla, Security Analyst at Cequence Security

3:15 pm

For flex(ibility) sake, modernize your legacy APIs!

Topher Marie, CTO and Cofounder at Strata Identity

4:15 pm

All #FHIRed Up

John Moehrke, Co-Chair, Security Working Group at Health Level 7 International (HL7)

Blue Track

1:15 pm

The Importance of Real-Time Protection in API Security

Jeremy Ventura, Director, Security Strategy & Field CISO atThreatX

2:15 pm

How would Tony Stark handle your API Security?

Brenton House, Vice President, Digital Evangelism at Software AG

3:15 pm

API Security Powered by ChatGPT

Meenakshi Kaushik, Leader – Product Management at Cisco

Purple Track

1:15 pm

Time to Take the "F*^!" out of ShiFt Left

Christine Bevilacqua, API Security Evangelist at APIsec University

2:15 pm

Approaching Multicloud API Security USing Metacloud

David Linthicum, Chief Cloud Strategy Officer at Deloitte Consulting

3:15 pm

FHIR API Security

Grahame Grieve, Creator of FHIR API Standard at Health Level 7 International (HL7)

Solutions Track

1:15 pm

Exploring Security Compliance in the OAuth 2.0 Ecosystem

Pieter Philippaerts, Research Manager at KU Leuven – DistriNet

2:15 pm

API orchestration: to build resilient applications

Cherish Santoshi, Sr. Developer Relations Engineer at Orkes

3:15 pm

Single click OAuth attack that may lead to account hijacking

Swapnil Deshmukh, CTO at Certus Cybersecurity Solutions LLC

  • 5:15 pm
  • Conference Closing Keynote

WHO HELPS US 2023 SELECTED SPONSORS

SECURE YOUR SPOT TODAY

Have any questions?

Contact us at events@apidays.io