Course
Skills Expanded
API Security Practices
This course will teach you how to implement basic API security practices.
What you'll learn
In this course, API Security Practices, you’ll learn to implement API security. First, you’ll explore the threats that APIs face and how to mitigate them. Next, you'll implement the basics of API security using CORs, SSL, data sanitization, and rate limiting. Then, you'll discover how to transmit sensitive data securely. Finally, you’ll find out how to implement JSON Web Tokens and OAuth for authentication and authorization. When you’re finished with this course, you’ll have the skills and knowledge needed to secure your APIs.
Table of contents
Course Overview
1min
Understanding API Security
29mins
- Version Check 0m
- Open Web Application Security Project 1m
- Unsafe Consumption of APIs 2m
- Improper Inventory Management 3m
- Security Misconfiguration 2m
- Server-side Request Forgery 3m
- Unrestricted Access to Sensitive Business Flows 2m
- Broken Function Level Authorization 2m
- Unrestricted Resource Consumption 2m
- Broken Object Property Level Authorization 2m
- Broken Authentication 4m
- Broken Object-level Authorization 2m
- API Security Best Practices 3m
- PCI Compliance for API Developers 1m
Implementing Basic API Security
32mins
- SSL Certificates 3m
- API Gateways 2m
- Rate Limiting 4m
- Cross-origin Resource Sharing 3m
- Demo: Setting up the API 4m
- Demo: Configuring an API Gateway with Rate Limiting 3m
- Demo: Rate Limiting 3m
- Demo: Cross-origin Resource Sharing 2m
- Demo: Using Environment Variables 1m
- Demo: Sanitizing User Input 2m
- Demo: Using a One Way Hash to Protect Passwords 2m
- Demo: Encrypting Sensitive Data 2m
JSON Web Tokens
19mins
Using OAuth for API Authentication
14mins
