- 9:00 am
- Welcome and Opening Remarks
- 9:15 am
- Your Technical Debt is My Bug Bounty - Some fun hacker stories and the future of API hacking
- 10:15 am
- Networking/Expo
Red Track
Blue Track
Purple Track
Solutions Track
Red Track
10:45 am
Android Applications and API Hacking
Gabrielle Botbol, Ethical Hacker | Award-winning Pentester | Artemis Red Team | Board Member | Speaker | Mentor
11:45 am
Machine Learning in API Security
Sagar Bhure, Security Engineer at F5
Blue Track
10:45 am
Security Considerations for API Gateway Aggregation
Yoshiyuki Tabata, Software Engineer at Hitachi, Ltd.
11:45 am
Securing API Credentials on GitHub.com
Jose Palafox, Director of Business Development at GitHubNatalee Webb, Senior Program Manager at GitHub
Purple Track
10:45 am
The Present and Future of OWASP API Security Top 10
Inon Shkedy, API Security Project Leader at OWASP
11:45 am
Discovery is the Starting Point for Defending APIs
Giora Engel, CEO at Neosec
Solutions Track
11:45 am
Automatically securing your APIs thanks to a shared security model between Business and Engineering
Jean Burellier, Tech Lead Platform Team at Sanofi
- 12:45 pm
- Networking/Expo
Red Track
Blue Track
Purple Track
Solutions Track
Red Track
1:15 pm
Escape Workshop: "Discovering GraphQL Vulnerabilities in the Wild
Antoine Carossio, Co-Founder & CTO @ EscapeTristan Kalos, Co-Founder & CEO @ Escape
2:15 pm
Beyond Vuln Management: How Adding Offensive Methodology Made Our APIs More Secure.
Michael Taggart, Senior Cybersecurity Researcher at UCLA Health Sciences
3:15 pm
Expanding Your Application Security: Integrating CNAPP and API Security
Meenakshi Kaushik, Leader – Product Management at Cisco
4:15 pm
Enhancing API Security with Runtime Secrets & Attestation
Ted Miracco, CEO of Approov Mobile Security
Blue Track
1:15 pm
The Power of Gates AND Guardrails
Brian Joe, Co-Founder and Head of Product at Impart Security
2:15 pm
AI in API Security
Carolina Ruiz, CEO at Brier & Thorn
3:15 pm
API Security - doing more with less.
Nir Paz, Product Management at Standard.ai
4:15 pm
Exploring Advanced API Security Techniques and Technologies
Sudhir Chepeni, Director Products and Technology at Akamai
Purple Track
1:15 pm
Learning from a decade of API breaches and why application-centric security is the right path
Jeremy Snyder, Founder and CEO of FireTail
2:15 pm
I KNOW WHAT YOU(r APIs) DID LAST SUMMER – Understanding and Identifying Threats Against APIs
Shannon Wilkinson, Cybersecurity Founder | Women in Technology & STEM Advocate | Keynote Speaker | Board Member & Advisor
Solutions Track
1:15 pm
OAuth, OIDC and protecting third-party credentials
Edmund Olson-Morgan, Core API and Innovation Lead at Marsh McLennan
4:15 pm
Structuring Security Forward
Megan Bell, Accomplished Cybersecurity, Privacy and Compliance Executive
- 5:15 pm
- API First Hacking
- 6:15 pm
- Closing Remarks
- 6:30 pm
- Movie Knight: Scorched Earth
- 9:00 am
- Welcome and Opening Remarks
- 9:15 am
- Breaking Vulnerable APIs
- 10:15 am
- Networking/Expo
Red Track
Blue Track
Purple Track
Solutions Track
Red Track
10:45 am
Vaishali's Guide to Hacking APIs
Vaishali Nagori, Security Researcher at Appknox
11:45 am
Princess of Thieves: How I Hacked 50 Banks
Alissa Knight, Partner at Knight Group
Blue Track
10:45 am
The emerging love triangle of API, Credential Stuffing, & Financial fraud
Arik Atar, Threat Intelligence Researcher at Human Security
Purple Track
10:45 am
Securing your APIs with multi-facet contract testing
Ian Douglas, Senior Developer Advocate at Postman
Solutions Track
10:45 am
Workshop: Detect OWASP vulnerabilities in your APIs with Postman
Rahul Dhawan, Senior Security Engineer at Postman
11:45 am
What if privacy had an API?
Sean Falconer, Head of Developer Relations and Marketing at Skyflow
- 12:45 pm
- Networking/Expo
Red Track
Blue Track
Purple Track
Solutions Track
Red Track
1:15 pm
How to abuse Terraform to elevate access
Michael McCabe, President at Cloud Security Partners
2:15 pm
Learn how to attack and mitigate vulnerabilities in GraphQL
Parth Shukla, Security Analyst at Cequence Security
3:15 pm
For flex(ibility) sake, modernize your legacy APIs!
Topher Marie, CTO and Cofounder at Strata Identity
4:15 pm
All #FHIRed Up
John Moehrke, Co-Chair, Security Working Group at Health Level 7 International (HL7)
Blue Track
1:15 pm
The Importance of Real-Time Protection in API Security
Jeremy Ventura, Director, Security Strategy & Field CISO atThreatX
2:15 pm
How would Tony Stark handle your API Security?
Brenton House, Vice President, Digital Evangelism at Software AG
3:15 pm
API Security Powered by ChatGPT
Meenakshi Kaushik, Leader – Product Management at Cisco
Purple Track
1:15 pm
Time to Take the "F*^!" out of ShiFt Left
Christine Bevilacqua, API Security Evangelist at APIsec University
2:15 pm
Approaching Multicloud API Security USing Metacloud
David Linthicum, Chief Cloud Strategy Officer at Deloitte Consulting
3:15 pm
FHIR API Security
Grahame Grieve, Creator of FHIR API Standard at Health Level 7 International (HL7)
Solutions Track
1:15 pm
Exploring Security Compliance in the OAuth 2.0 Ecosystem
Pieter Philippaerts, Research Manager at KU Leuven – DistriNet
2:15 pm
API orchestration: to build resilient applications
Cherish Santoshi, Sr. Developer Relations Engineer at Orkes
3:15 pm
Single click OAuth attack that may lead to account hijacking
Swapnil Deshmukh, CTO at Certus Cybersecurity Solutions LLC
- 5:15 pm
- Conference Closing Keynote