Excited to host API Security workshop 2.0 in collaboration with OWASP LA and Co-host Edmond Momartin. This workshop will equip participants with the knowledge and hands-on skills to integrate API Security Testing into their GitHub DevSecOps pipelines.
The OWASP Los Angeles chapter regularly meets in-person on the 4th Wednesday every month featuring dinner, a great speaker and opportunity for networking.
Event Details:
Date: Oct 27, 2023
Time: Wednesday, Oct 27, 5pm PDT to 7:30pm PDT
Duration: 2.5 hours
Location: BLANKSPACES - Santa Monica Coworking Office Space 1450 2nd St · Santa Monica, CA
Format: Hands-On Training Workshop
Drinks and Food provided at the venue: Yes
Pre-requisites:
A GitHub account.
Basic understanding of application security.
Attendees are required to bring their laptops with internet connectivity
Agenda:
Introduction (15 minutes)
The DevSecOps paradigm and its importance.
Understanding GitHub Actions.
The relevance of API Security testing in the CI/CD pipeline.
Overview of GitHub Actions for CI/CD (10 minutes)
Basic components: workflows, runners, actions.
Demonstration: A simple CI pipeline with GitHub Actions.
Hands-on: Integrating API Security testing with GitHub Actions (60 minutes)
Introduction to API Security Testing.
Overview of OWASP Top 10 for API Security
Hands-on activity:
Setting up a test environment (ideally a deployed version of the app).
Configuring the API Security tool to scan the deployed application.
Writing a GitHub Actions workflow to trigger API Security scans post-deployment.
Analyzing and responding to API Security findings within GitHub.
What's in it for Participants?
Skill Enhancement: Mastery of integrating API Security checks within the popular GitHub Actions CI/CD framework.
Hands-on Experience: Directly apply workshop teachings to real-world scenarios.
Collaboration: Network and collaborate with peers facing similar challenges.
Speakers
Ankita Gupta
CEO & Co-Founder at Akto
Ankush Jain
CTO & Co-Founder at Akto
