Audits strengthen business operations, yet many organizations are fearful of the process, rather than seeing the benefits of audits. In this webinar, you get better insights in the auditing process and how you can use audits to strenghten and mature your overall risk programme.
API Security as a key enabler for our digital transformation
10 June 2020 – Cyber Security Coalition
During the months of May and June, the Enterprise Security Architecture Focus Group organized two consecutive instructive webinars on API Security, each approached from a different angle. Next to devops, application containers and microservices, APIs are key enablers for the digital transformation of our enterprises.
The first webinar covered the ‘Common pitfalls and recent evolutions in API security’ and was presented by Philippe De Ryck (pragmaticwebsecurity), an internationally recognized web security expert, trainer, and speaker.
Philippe gave us an in-depth technical lecture on the best practices for API security, highlighting common API vulnerabilities along with current best practices for API authentication and authorization, and not to forget the recent evolutions in the API landscape. The content was based on his conference talks “Common API security pitfalls” and “Recent evolutions in the OAuth 2.0 and OpenID Connect landscape”, both food for an interactive Q&A during our group session.
After the deep dive of Philippe, we focused in a second webinar on the API Security architecture and strategy at ING. Patrice Krakow, lead architect of the API platform at ING Belgium, clarified how API security is being managed at ING, still with an emphasis on the applied architecture development method. Purpose of his webinar was to drive group interaction, allowing each and every member to learn from the insights and practices of others in the field of APIs.
Other blog posts
This webinar focuses on the context of information security through governance, more particularly on the key role of the CISO and the value of COBIT as a digital governance framework for information security activities supported by the presentation of a best practice.
This webinar presents the building blocks of an effective organization-wide risk management and explains the requirements for IT risk management certification.
In this Cyber Talk you gain insights in advanced threats outside your organisation and what you could potentially do to protect you from them.
In this first webinar of the GRC: Be Connected! series, some very basic aspects of cyber security are treated: how to manage necessary skills, what about frameworks, where to find knowledge.