API security
Cybersecurity
Events
November 15, 2023

FireTail at SecOps Vision for 2024

FireTail CEO Jeremy Snyder speaks about the importance of API security at SecOps Vision for 2024.

FireTail at SecOps Vision for 2024

SecOps Vision for 2024, powered by Techstrong Learn, gave industry professionals the opportunity to connect and share security strategies. The virtual event was attended by a diverse range of cybersecurity practitioners and leaders who are pushing the boundaries of SecOps practices to form effective, innovative security teams.

FireTail CEO, Jeremy Snyder, was pleased to provide the assembled audience with insights into the importance of API security at the intersection of cloud and application security.

Key points covered in the talk:

  1. The critical role of APIs: APIs facilitate communication between applications, accounting for about 83% of all internet calls today. API calls transmit sensitive information like personal details and payment data across multiple parties in various transactions, making them a significant security concern.
  2. APIs as the primary attack surface: With APIs becoming the most prevalent attack vector, focusing on API security is crucial. APIs account for approximately 90% of web app attack surfaces and over 70% of modern breaches involve APIs.
  3. Risk factors and challenges: Top risk factors in API security are authentication and authorization. Another big challenge is that developers often get ahead of security, leaving security teams behind.
  4. Addressing API security challenges: A security posture management that involves discovering, observing, and assessing APIs against security best practices is crucial for API security. Developers should also be educated about about security considerations in API design.
  5. Evolution of cloud security: There's been a shift in cloud security breaches over the years, from initial misconfigurations (like open S3 buckets) to attacks leveraging APIs to gain access and move laterally within cloud environments.
  6. Role of API Ops in enhancing security: API Ops can bolster security monitoring API design and usage, collecting telemetry data, ensuring the conformity of request and response patterns, and reducing excessive data exposure.

Jeremy's talk provides insights into the evolving landscape of API security, and emphasizes the need for a proactive approach to secure the burgeoning API-centric development paradigm.

A big thank you to the team at SecOps Vision for 2024 and we look forward to seeing what the next year of API security has in store for us!

Lina Romero

Related posts

APIs and Competitive Advantage in the Travel Sector
April 17, 2024

APIs and Competitive Advantage in the Travel Sector

In the travel sector, securing a competitive edge is vital. In a hyperconnected industry, where demand fluctuates, pricing is dynamic and customers have endless options, efficient and well-secured APIs can make a huge difference.

Read more
Revisiting Cambridge Analytica in 2024
April 11, 2024

Revisiting Cambridge Analytica in 2024

The Cambridge Analytica Data Scandal led to the collapse of the company, court cases and massive fines for Meta. It highlighted the massive impact that technology was having on society, politics and democracy. Now, almost a decade later, we take a look at how a poorly configured API started it all.

Read more
I was Wrong about Endpoint Security
April 5, 2024

I was Wrong about Endpoint Security

Based on trends in changing compute architectures, it seemed logical that Endpoint Detection and Response companies would shrink their overall install base. Instead, EDR has evolved into Extended Detection and Response.

Read more

This site uses cookies

By using this website, you agree to the storing of cookies on your device to enhance site navigation, analyze site usage, and assist in our marketing efforts. View our Privacy Policy for more information.

Got it!