Steve Winterfeld, Akamai Technologies, Advisory CISO Swetha Sridharan, IBM API Connect, Senior Product Manager
APIs are the backbone of modern applications, enabling seamless communication and user experiences, but their widespread use makes them prime targets for cybercriminals. Business and IT leadership is quickly recognizing that cyber risk is business risk, and securing API driven transformation is critical to protecting revenue and brand. Fueled by the latest research from Akamai’s State of the Internet (SOTI) report as well as IBM’s 2024 Cost of a Data Breach report, you will learn about the latest threat trends including the most-targeted industries and attack surfaces so you can stay secure in an evolving threat landscape. Join us to understand how to leverage these tactics to strengthen your API security practices and posture. Takeaways
Understanding of threat trends
Case studies by industry
Best practices, resources, and tools to mitigate the threat
Swetha Sridharan is passionate about solving problems through technology and empathetic design thinking in API management and integration. She is currently a Senior Product Manager at IBM API Connect.
Steve Winterfeld is Akamai’s Advisory CISO. He has a strong background in building operational security programs that are compliant with industry regulations. Before joining the team, he served as CISO for Nordstrom Bank, Managing Director of Incident Response and Threat Intelligence... Read More →
Beerinder Rodey, Boomi, Director, API Product Management
The rapid proliferation and fragmentation of APIs create complexities and inefficiencies that hinder operational effectiveness for many organizations. If you’re an API developer, product owner, or architect facing these challenges, join this session.
We will discuss the current state of API management and outline strategies to move from fragmented APIs to a unified federated approach. Key topics will include dynamic API discovery, the issues caused by API sprawl, and how effective API management can enhance workflows, support API productization, and enable scalability in the context of AI integration.
Gain insights into improving API visibility, security, and governance while leveraging your existing API management investments like AWS, Azure, Apigee, and Kong. Witness federated API management in action and explore its potential to streamline your API ecosystem.
Join us to discover how to: - Centralize API discovery and provisioning - Strengthen API governance for better control - Simplify API management practices
As a product management leader with over 10 years of experience in the API Management space, Beerinder has a proven track record of managing globally distributed SaaS and Hybrid platform solutions at scale. Beerinder is passionate about customer engagement and finding innovative solutions... Read More →
As APIs become the lifeblood of modern software development, ensuring their security, reliability, and scalability is more crucial than ever. Runtime API governance is the unsung hero that enables this success, providing the necessary guardrails and constraints to produce the desired outcome. In this talk, we'll explore the critical components of runtime API governance, including security posture, conformance checks, and ongoing change management. We'll delve into the importance of these components and how they work together to create a checks and balances system that ensures APIs can handle the pace of business and don't fall prey to runtime issues. Join us to learn how to build a robust API governance strategy that will help you sleep better at night, knowing your APIs are secure, reliable, and scalable.
With a 25-year career spanning multiple disciplines, including software programming, network desgin and engineering, technology consulting, product management, product marketing, corporate marketing, business development, and sales, Sudeep joined Traefik Labs as the Chief Revenue... Read More →
APIs are more vital - and more vulnerable - than ever before. The potential for exposing critical customer data or jeopardizing financial transactions puts organizations at significant risk of reputational and financial damage. Additionally, ensuring API performance and swiftly resolving client issues have become increasingly complex tasks. The solution to these challenges lies in effective API audit logging at key entry points. Understanding what to log and how to monitor this information for security threats is crucial. This session will provide essential practices for effective API audit logging, empowering you to safeguard your organization and enhance operational efficiency.
John has over 25 years of experience working in software and technology, with professional services consulting firms and product companies, ranging from large enterprises to small firms. John currently helps clients with their API governance, API management, and API security problems... Read More →
In today's fast-paced development environment, ensuring API security is more crucial than ever. Despite the strong desire to integrate security into software delivery cycles, many organizations struggle to achieve this effectively. This session will focus on the importance of proactive API security testing to match the pace of development and achieve business outcomes and goals. By understanding your organization's shift-left maturity, you can better position yourself to integrate security into your development processes seamlessly.
Using StackHawk's Shift-Left Maturity Model as a framework, we will explore how identifying your maturity stage is key to making meaningful progress. The session will delve into the three fundamental pillars of successful shift-left practices: people, process, and tooling. Join us to learn how to empower your team, optimize your processes, and leverage the right tools to shift left effectively and ensure robust API security.
Dan Hopkins has been a software engineer for 20 years, working at high growth startups such as VictorOps and LivingSocial and at large high tech companies such as Splunk. For the last 10 years he has focused on building tools for progressive engineering teams adopting DevOps and DevSecOps... Read More →
Madhusudhan Reddy, Imperva, Sr. Product Manager for Runtime Application Self Protection (RASP) and API Security
It is becoming more common for practitioners of API Security Testing to leverage runtime data to enhance their capability to discover business logic and API specific vulnerabilities. While runtime data are critical to overcome the limitation of static analysis, the data collection itself can raise real concerns over data privacy protection, especially when it can be seen as a breach of the compartmentalization between runtime and dev environments. In this talk you will learn best practices for the runtime API Security component to generate tests without jeopardizing data.
Sr. Product Manager for Runtime Application Self Protection (RASP) and API Security, Imperva
Madhusudhan Reddy (Madhu) is the Sr. Product Manager for Runtime Application Self Protection (RASP) and API Security at Imperva, a Thales company. Madhu has over 15 years of experience in Cyber Security. Prior to Imperva, Madhu worked at F5 where he managed threat intelligence products... Read More →
