APIs are today commonplace. They enable new, creative and innovative usages for our data. Unfortunately, APIs are not a security layer. Their primary purpose is to allow quick and easy access.
Luckily, there are many ways to add security. But with endless variations of methods and keys, it is not always easy to know what to do. Access keys, secret keys, shared keys, signing keys, hashed keys, one-time keys, and what-not-keys. What does it take to create a secure API? Is there a secret recipe? Any rituals? Or is it dumb luck?
Working for Softhouse as a software security expert Niclas Kjellin has designed secure systems for many companies and products. Over the years he realized that security does not happen by magic. Knowing when and where to focus the effort is half the work. However, he’s real mission is to help developers to understand the concepts of security and deliver better software.
17.30-17.45 Meet & Greet
18.30-19.00 Meet & Eat