Also, the good people at Mind's Eye Creative produced a really nice graphic that helps explain the message that I was trying to convey.
Here's a tl;dr version of what I hoped to communicate in this presentation:
Organizations are moving towards more platform-as-a-service (PaaS) offerings
Part of the motivation for doing this is more API-oriented architecture
But cyber attacks against APIs are actually increasing pretty rapidly, with very real impact and lots of sensitive data leaked
The main attack vectors (authentication, probing, authorization, injection / bad requests) are things that can be easily detected and controlled at the application layer
As such, defining the security controls around those can and should be done in your API
Helper files and dedicated libraries can then check the validity of API requests in real-time
Implementing real-time API security is possible, and should be easy. That's where FireTail hopes to help.
By using this website, you agree to the storing of cookies on your device to enhance site navigation, analyze site usage, and assist in our marketing efforts. View our Privacy Policy for more information.