Free
OWASP Austin Chapter Monthly Meeting - May 2022

OWASP Austin Chapter Monthly Meeting - May 2022

Actions and Detail Panel

Free

Event Information

Share this event

Date and time

Location

Location

NI

11500 North Mopac Expressway, Building C

Austin, TX 78759

View Map

Event description
Chapter Meeting and presentation: 'Hack your APIs in 15 min or less' w/ Himanshu Dwivedi

About this event

Back at NI for the first time in 2 years! Please RSVP early so we know how much lunch to provide. Ticket 'sales' will end earlier then normal! (An online Zoom option will still exist.)

30 minutes of meet-and-greet and Chapter information, then the Presentation!

'Hack your APIs in 15 min or less'

It is very hard, if not impossible, to secure something you don’t know exist. While security professionals spend countless hours on complex yet interesting issues that *may* be exploitable in the future, basic attacks are occurring every day with little to reviews. For example, a “dated trend” by effective yet lazy hackers is to search for API unknown by security teams, coined “Shadow APIs”, connect to these APIs, and extract data. While SQL Injection used to be the hack of choice, as a few simple SQL commands would either mean “pay dirt” or “move on to the next target”, the same can be said for Shadow API….Find, Connect, Extract. This talk will discuss one of many methods that are used in the wild to target Shadow APIs and export large volumes of data with a few clicks of a button (lines of code in python code :). Attendees will learn about a very basic yet non-so-obvious problem in securing data, and how hackers are using creative methods to steal large volumes of data.

Presenter:

Himanshu Dwivedi is the CEO of Data Theorem, Inc., an application security company focusing on API Security (RESTful & GraphQL), mobile apps (iOS &Android), Cloud Apps (Serverless), and Single Page WebApps (SPAs). Himanshu has been an avid start-up entrepreneur since 1999, where he and 3 friends started the west coast office of @stake, an information security firm that was later acquired by Symantec. In 2004, Himanshu co-founded iSEC Partners, an application security company that was acquired by the NCC Group in 2010. Himanshu has several publications, including six different books (Mobile Application Security, Hacking VoIP, Hacking Exposed: Web 2.0, Hacker’s Challenge 3, Storage Security, and Implementing SSH) as well as the owner of one patent (Patent number 7849504). He has also presented at numerous conferences, including 6-time BlackHat speaker. Himanshu received a B.S. from the Carlson School of Management (University of Minnesota), where he was awarded the Tomato Can Loving Cup Award, which is given to the school’s top graduating student.

Share with friends

Date and time

Location

NI

11500 North Mopac Expressway, Building C

Austin, TX 78759

View Map

Save This Event

Event Saved