Workshop: The OWASP API Security Top Ten 2023 with Tanya Janca

Live Training $25 - $150

Course Length: 4 Hours

Includes a Certificate of Completion



Next scheduled date: September 19th, 2025 @ 11:00 AM EDT

Description

APIs are the backbone of modern applications—but they also introduce unique security risks. In this hands-on workshop, participants will focus on the OWASP API Security Top Ten (2023).

Using a “Bad, Better, Best” approach, they will analyze insecure API patterns, discuss mitigation techniques, and review improved code examples. Students can either download the code from the instructor’s GitHub repository to follow along on their own machines using VS Code or view the live walkthrough on the instructor’s screen.

System Requirements
  • Student/Lab Requirements:
    • A modern operating system that can run VS Code (https://code.visualstudio.com/download), an internet connection fast enough for streaming, a modern web browser, and the ability to reach both the streaming platform site and GitHub.com.
    • Please install VS Code (or your IDE of preference, any will do) before the class and ensure you can visit GitHub.com.

Syllabus

Introduction & Setup

    • Brief overview of the workshop agenda

    • Instructions for downloading code from GitHub

    • Setting up VS Code and previewing the “Bad, Better, Best” examples

OWASP API Top Ten (Items 1-5)

    • Brief overview of each item, its associated risks, and remediation

    • Guided code review for each item:
        • Bad: Reviewing an API with no defenses

        • Better: Introducing one defense

        • Best: Implementing multiple defenses

    • Open discussion: Key takeaways and questions

OWASP API Top Ten (Items 6-10)

    • Brief overview of each item, its associated risks, and remediation

    • Guided code review for each item:
        • Bad: Reviewing an API with no defenses

        • Better: Introducing one defense

        • Best: Implementing multiple defenses

    • Open discussion: Lessons learned and practical applications

Wrap-Up & Q&A

    • List of free and Open Source API Security Tools

    • Conclusion and Questions

    • Suggestions for continued learning and resources

FAQ

Who Should Attend:

    • Developers, DevOps engineers, and software architects who work with APIs

    • Security professionals looking to enhance their API security knowledge

    • Anyone responsible for designing, implementing, or maintaining API-based applications

Prerequisites:

    • Familiarity with API concepts and web application development

    • Basic knowledge of coding and using VS Code

    • No prior API security experience is required

About the Instructor

Tanya Janca
Bio

Tanya Janca, aka SheHacksPurple, is the best-selling author of ‘Alice and Bob Learn Secure Coding’, ‘Alice and Bob Learn Application Security’ and the ‘AppSec Antics’ card game. Over her 28-year IT career she has won countless awards (including OWASP Lifetime Distinguished Member and Hacker of the Year), spoken all over the planet, and is a prolific blogger. Tanya has trained thousands of software developers and IT security professionals, via her online academies (We Hack Purple and Semgrep Academy), and her live training programs. Having performed counter-terrorism, led security for the 52nd Canadian general election, developed or secured countless applications, Tanya Janca is widely considered an international authority on the security of software.

Register for Upcoming

Complete Package

Live Training Tanya Janca

Virtual

Includes:

Certificate of participation, six months access to class recordings and our appreciation.

Pay Forward What You Can

Live Training Tanya Janca

Virtual

Includes:

Certificate of participation, six months access to class recordings and our appreciation.

$25 - $150
September 19th, 2025 11:00 AM EDT - 4:00 PM EDT

Registration End Date: 10:00 PM, EDT September 18th 2025
