The Perils of API Insecurity

In our hyperconnected world ruled by advanced Web technologies, such as social media, mobile, AI, and IoT, information security is everyone’s concern.

High-profile security incidents associated with APIs dominate the headlines and make a huge impact on businesses and users. Gartner predicts that, “By 2022, API abuses will be the most-frequent attack vector resulting in data breaches for enterprise web applications.”

Even though technical communicators are not directly responsible for API security, we can bring added value to our companies by helping them produce secure APIs.

 The goal of this session is to equip you with knowledge, skills, and tools to do so:

  • Give you a background on application security.
  • Introduce the main insecurities that APIs are prone to and create awareness of their impact on business.
  • Teach you how to identify some of them just by looking at the interfaces and documentation and help developers to address them in a timely manner.

About the Presenter:

Anne Tarnoruder is an experienced technical communicator with a strong background in software engineering. Prior to starting her technical writing career, she held various positions in software development and architecture in various Israeli high-tech companies.

Leveraging her background, Anne is specializing in documentation for developers and APIs. Currently, she focuses on application security testing software at Synopsys, Inc. This session continues her series of API documentation-related talks at the local and international tech communication conferences, such as MEGAComm, tekom, and ETC. Anne is the author of the book Standards and Guidelines for API Documentation recently published by tekom Europe.