Fork the Good Bank APIs collection: [ Ссылка ]
Join us for a one-hour, introductory Postman learning session geared specifically for security-minded developers, penetration testers, security engineers, or anyone else who’s interested in API security. We’ll walk you through the most common OWASP API vulnerabilities and learn how to build more-secure APIs.
Here’s what we’ll do in this session:
- Identify the most common API vulnerabilities
- Mitigate some of the most common vulnerabilities
- Use Postman monitors to automate API security tests
- Prevent vulnerabilities by using API-first methodologies
- Identify security best practices in Postman
00:00 - Intro
02:11 - A little about you
05:10 - What does API Security mean
08:00 - Security during API Design
24:30 - Top API security vulnerabilities
31:30 - Manual testing of SQL injection
47:50 - Automated testing of API vulneratbilities
50:20 - Postman Security workspace overview
55:00 - Additional resources
