PLAY PODCASTS
ASW #225 - Dan Moore

ASW #225 - Dan Moore

Application Security Weekly (Audio) · Security Weekly Productions

January 10, 20231h 20m

Audio is streamed directly from the publisher (dts.podtrac.com) as published in their RSS feed. Play Podcasts does not host this file. Rights-holders can request removal through the copyright & takedown page.

Original episode page

Show Notes

Exposed secrets from CircleCI, web hackers target the auto industry, $100K bounty for making Google smart speakers listen, inspiration from Office Space, AWS making better defaults for S3, resources for learning Rust

This segment will discuss options for protecting your APIs. First, why protect them? Second, what are the options and the tradeoffs.

Segment Resources:

- https://stackoverflow.blog/2022/04/11/the-complete-guide-to-protecting-your-apis-with-oauth2/

- https://fusionauth.io/learn/expert-advice/

- https://fusionauth.io/learn/expert-advice/oauth/modern-guide-to-oauth

- https://oauth.net/2/

- https://tools.ietf.org/html/rfc6749

- https://datatracker.ietf.org/doc/id/draft-ietf-oauth-v2-1-07.html

- https://paseto.io

- https://securityboulevard.com/2021/11/biggest-api-security-attacks-of-2021-so-far/

Visit https://www.securityweekly.com/asw for all the latest episodes!

Follow us on Twitter: https://www.twitter.com/secweekly

Like us on Facebook: https://www.facebook.com/secweekly

Show Notes: https://securityweekly.com/asw225

← All episodes of Application Security Weekly (Audio)