25 Years of API Security - A Comprehensive Review and Outlook

Over the past year, we have built upon our previous research, including the "10 Year Overview of API Security," the "2022-Q4 API ThreatStats Report," and our predictions for 2023, to deliver the most comprehensive analysis of API security to date. Our goal is to provide you with valuable insights, statistics, and forecasts that will help you understand the current state of API security and prepare for the future.

In this webinar, we will cover:

1. The history of API security, from its early days to the present, including a look at the very first API exploit discovered in 1998.
2. An analysis of major threat vectors and threat actors, as well as the emergence of the Zero-Trust security model.
3. A review of over 10,000 CVEs, bug bounty reports, and exploits related to APIs, thanks to our collaboration with vulners.com.
4. A deep dive into the classification of API vulnerabilities, including the challenges faced due to the overlap between OWASP Top-10 and OWASP API Security Top-10.
5. An examination of previous and related work, such as our OWASP Top-10 2021 predictions and the GoTestWAF tool for testing API security and WAFs.
6. A presentation of our findings, including charts, analysis, and predictions for the future of API security.

Throughout the webinar, we will also discuss the main reasons behind this research, such as collecting reusable data, gaining insights, and building statistics to better understand where API security has been and where it's headed.