Open APIs: Security for Mobile and the Cloud

•Als PPTX, PDF herunterladen•

0 gefällt mir•592 views

A look at what’s driving new Internet-facing organizations to open up information through APIs and the implications for application security.

Wirtschaft & Finanzen Business Technologie

Open APIs: Security for Mobile and the Cloud
 Caleb Sima
EIR, Andreessen Horowitz

February 27, 2012

My Perspective
 Entrepreneur in Residence, Andreessen Horowitz
 CEO Armorize Technologies
 CTO Application Security HP
 CTO & Co-Founder of SPI Dynamics
 Internet Security Systems

What’s Driving API Growth?

APIs are often driven
by business interests
instead of by IT

The Emergence of Legacy Systems on the Internet

Introduces new
risk profiles

Four Major Issues

 Credentials and Authentication
 Access Control and Authorization
 Validation of Inputs
 Misconfiguration

Overly Granular Application API

Insecure

More secure

Normal WebApp: One Request - One API

Post to Register.aspx with the the
following data:

Email=csima%40a16z.com&User
Name=csima&Password=reallyha
rdpassword&ConfirmPassword=re
allyhardpassword&Captcha=hatm
als

With Ajax multiple requests = Multiple Inputs = Bigger
Attack Surface

CheckUsername(csima)

ValidateEmail(csima@a16z.com)

CheckCaptcha(hatmals)

*Demo Search

Final Submission of all data to server

Exposed Administrative API

Intended use

Malicious use

What is wrong with this code?
 Real world application using Microsoft’s framework

A Best Practice—Decouple Security from App

Separation of concerns
between developer and
security admin

Weitere ähnliche Inhalte

Was ist angesagt?

API Security - OWASP top 10 for APIs + tips for pentesters

Inon Shkedy

Web application security

Akash Mahajan

API Security with Postman and Qualys

Postman

Learn how to hack Windows machines and reveal the password of the domain admin by hacking into the memory and Windows Services. This is Level 400 content with a lot of demos and it covers many security technologies like machine learning, post-breach defensive and pre-preach defensive controls. I presented this session in the first BSides Security conference in Amman-Jordan and I am sharing the slides as requested by the audience. I am also going to post the full video on my Youtube Channel: http://youtube.com/ammarhasayen , so, don't forget to subscribe. I would like to hear your feedback on my session, so please connect with me on twitter @ammarhasayen and let me know what do you think. About me: http://ahasayen.com Blog: http://blog.ahasayen.com Social Media (Twiiter, LinkedIn, Instagram): @ammarhasayen Windows Advanced Threat and Defensive Technique

Windows Advance Threats - BSides Amman 2019

Ammar Hasayen

Using the Google SafetyNet API for Banking & Finance

Hitesh Sahu

Checkmarx meetup API Security - API Security top 10 - Erez Yalon

Adar Weidman

Api security

teodorcotruta

Web application security

Akash Mahajan

Security in mulesoft

akshay yeluru

The AWS Shared Responsibility Model in Practice

Alert Logic

A successful API strategy requires a strong partnership between the business, IT, and security functions. Rather than as a hindrance, security increasingly is viewed as a business enabler, with CISOs and CSOs playing a critical role in implementing “guardrails” for safe, secure and compliant API services and security architectures free of unnecessary complexity. Ultimately, a secure API platform enables developers and DevOps to focus on innovation—by improving the mobile user experience and deploying apps in the cloud, with appropriate security controls built-in. In this webcast, Apigee’s Subra Kumaraswamy and Saba Software CSO Randy Barr will explore how CISOs and CSOs partner with IT and business leaders for a safe and secure journey to cloud, SaaS, and mobile services. Join to learn about: - The role of the security officer in helping IT and business meet objectives - How smart and secure API guardrails remove friction in consuming APIs while protecting sensitive data exposed via APIs. - Best practices that work for an API centric enterprise Download podcast: http://bit.ly/1B6h3TR

Security as an Enabler for the Digital World - CISO Perspective

Apigee | Google Cloud

Azure Information Protection

Microsoft

More and more enterprises today are doing business by opening up their data and applications through APIs. Though forward-thinking and strategic, exposing APIs also increases the surface area for potential attack by hackers. To benefit from APIs while staying secure, enterprises and security architects need to continue to develop a deep understanding about API security and how it differs from traditional web application security or mobile application security.

API Security: Securing Digital Channels and Mobile Apps Against Hacks

Akana

Defence in Depth for your data in the cloud

Amazon Web Services

Data-driven Security: Protect APIs from Adaptive Threats

Apigee | Google Cloud

Secure Code Warrior - Defense in depth

Secure Code Warrior

Security components in mule esb

himajareddys

Authentication across the Atlassian Ecosystem - AtlasCamp 2011

Atlassian

Reducing Your Attack Surface & Your Role in Cloud Workload Protection

Alert Logic

OWASP -Top 5 Jagjit

Jagjit Singh Brar

Was ist angesagt? (20)

API Security - OWASP top 10 for APIs + tips for pentesters

Web application security

API Security with Postman and Qualys

Windows Advance Threats - BSides Amman 2019

Using the Google SafetyNet API for Banking & Finance

Checkmarx meetup API Security - API Security top 10 - Erez Yalon

Api security

Web application security

Security in mulesoft

The AWS Shared Responsibility Model in Practice

Security as an Enabler for the Digital World - CISO Perspective

Azure Information Protection

API Security: Securing Digital Channels and Mobile Apps Against Hacks

Defence in Depth for your data in the cloud

Data-driven Security: Protect APIs from Adaptive Threats

Secure Code Warrior - Defense in depth

Security components in mule esb

Authentication across the Atlassian Ecosystem - AtlasCamp 2011

Reducing Your Attack Surface & Your Role in Cloud Workload Protection

OWASP -Top 5 Jagjit

Ähnlich wie Open APIs: Security for Mobile and the Cloud

OWASP’s 2017 top ten adds a new category called 'underprotected APIs', reflecting the growth of RESTful Web APIs and richer front-end clients which stress current security and access authorization approaches. You’ll learn about potential threats resulting from undersecured Web APIs and techniques to strengthen your API security posture. You'll gain a clear understanding of user authorization via OAuth2, software authorization via static API keys and the critical interplay between them. Of particular concern are mobile API consumers whose code is statically published with secrets which are often poorly concealed. Practical advice with code examples will show how to improve mobile API security. TLS is necessary but insufficient to fully secure client-server communications. Certificate pinning is explained with code examples to show how to strengthen channel communications. Some advanced techniques will be discussed such as app hardening, white box cryptography and mobile app attestation. You should gain a good understanding of the underprotected API problem, with some immediately practical tips to improve your API security posture and a sense of emerging tools and technologies that enable a significant step change in API security.

LF_APIStrat17_OWASP’s Latest Category: API Underprotection

LF_APIStrat

5 step plan to securing your APIs

💻 Javier Garza

Hackers versus Developers and Secure Web Programming

Akash Mahajan

Guidelines to protect your APIs from threats

Isabelle Mauny

APIdays London 2019 - API Security Tips for Developers with Isabelle Mauny, 4...

apidays

APIdays Paris 2019 - API Security Tips for Developers by Isabelle Mauny, 42Cr...

apidays

Novinky F5 pro rok 2018

MarketingArrowECS_CZ

Scalable threat modelling with risk patterns

Stephen de Vries

apidays LIVE LONDON - Protecting financial-grade APIs - Getting the right API...

apidays

Office 365 environments are very attractive targets for attackers. So, it's never been more important to understand how its security structure works, and how to best configure it. In this in-depth session, we'll run through real-time attack scenarios and examine common attack vectors. And then we'll explore the various defense capabilities of Office 365, the MS Graph API, and Azure AD. We'll deep-dive into external sharing, authentication options, third-party application security (what apps should and shouldn't be able to do), and even some do's and don'ts regarding Azure AD endpoints and authorization mechanisms. You'll walk away with a solid understanding of how to use the Office 365 defense tools at your disposal, such as the Attack Simulator and Threat Intelligence, as well as how they relate to real-world attacks.

Microsoft365 from a Hacker's Perspective

Benedek Menesi

Threat modeling with architectural risk patterns

Stephen de Vries

apidays LIVE Paris - Protecting financial grade API: adopting the right secur...

apidays

apidays New York 2023 APIs for Embedded Business Models: Finance, Healthcare, Retail, and Media May 16 & 17, 2023 A decade of API breaches, courtesy of application flaws Jeremy Snyder, Founder at FireTail ------ Check out our conferences at https://www.apidays.global/ Do you want to sponsor or talk at one of our conferences? https://apidays.typeform.com/to/ILJeAaV8 Learn more on APIscene, the global media made by the community for the community: https://www.apiscene.io Explore the API ecosystem with the API Landscape: https://apilandscape.apiscene.io/

apidays New York 2023 - A decade of API breaches, courtesy of application fla...

apidays

If you ask about API security, you will be most likely be told about OAuth2, may be OpenID Connect and of course TLS. But in order to properly secure APIs, you will have to address many other aspects. This presentation cover key concepts related to API Security, as well as practical tools/solutions to address the overall issue, such as: - Transport and message encryption. - Digital Signatures - Auditing and non-repudiation - SecDevOps and security as code - Coding best practices and how to enforce them - Infrastructure Best Practices

42crunch-API-security-workshop

42Crunch

Protecting web apps

Omkar Parab

In loosely coupled architectures, we must put in place application level security, should it be for client traffic (North-South) or intra-microservices traffic (East-West). In this webinar, we show you how the 42Crunch API firewall can be used to put API threat protection in place automatically, as early as design time. We’ll use a mix of slides and demos to present: (1) The various elements of security to consider in order to cover the full API security scope (infrastructure vs application level security) (2) Which threat protections must be put in place in a microservices architecture, and where (3) How to leverage OpenAPI (aka Swagger) to configure threat protection from design time (4) How to automate threat protection deployment

Protecting Microservices APIs with 42Crunch API Firewall

42Crunch

apidays Helsinki & North 2023 API Ecosystems - Connecting Physical and Digital June 5 & 6, 2023 API Security in the era of Generative AI Matt Feigal, Partner Engineering Manager at Google Cloud Sweden ------ Check out our conferences at https://www.apidays.global/ Do you want to sponsor or talk at one of our conferences? https://apidays.typeform.com/to/ILJeAaV8 Learn more on APIscene, the global media made by the community for the community: https://www.apiscene.io Explore the API ecosystem with the API Landscape: https://apilandscape.apiscene.io/

apidays Helsinki & North 2023 - API Security in the era of Generative AI, Mat...

apidays

Security in the cloud protecting your cloud apps

Cenzic

Vices & Devices - How IoT & Insecure APIs Became the New Cyber Battlefront

Ory Segal

Low Latency Fraud Detection & Prevention

Sid Anand

Ähnlich wie Open APIs: Security for Mobile and the Cloud (20)

LF_APIStrat17_OWASP’s Latest Category: API Underprotection

5 step plan to securing your APIs

Hackers versus Developers and Secure Web Programming

Guidelines to protect your APIs from threats

APIdays London 2019 - API Security Tips for Developers with Isabelle Mauny, 4...

APIdays Paris 2019 - API Security Tips for Developers by Isabelle Mauny, 42Cr...

Novinky F5 pro rok 2018

Scalable threat modelling with risk patterns

apidays LIVE LONDON - Protecting financial-grade APIs - Getting the right API...

Microsoft365 from a Hacker's Perspective

Threat modeling with architectural risk patterns

apidays LIVE Paris - Protecting financial grade API: adopting the right secur...

apidays New York 2023 - A decade of API breaches, courtesy of application fla...

42crunch-API-security-workshop

Protecting web apps

Protecting Microservices APIs with 42Crunch API Firewall

apidays Helsinki & North 2023 - API Security in the era of Generative AI, Mat...

Security in the cloud protecting your cloud apps

Vices & Devices - How IoT & Insecure APIs Became the New Cyber Battlefront

Low Latency Fraud Detection & Prevention

Mehr von CA API Management

Extend your legacy SOA/ESB infrastructure to Mobile & IoT This webinar recording provides a use-case driven discussion around appropriate use of existing middleware infrastructure as well as its shortcomings. It dives deep into how APIs can not only complement an ESB or SOA infrastructure but also fill existing gaps. Watch this webinar recording to learn about: - Strengths and weaknesses of your existing ESB/SOA infrastructure - Architecture strategy: extend and add value to legacy middleware with APIs - Integration / API use cases in Retail, Manufacturing and Telecom - The API360 approach to digital strategy

Api architectures for the modern enterprise

CA API Management

Mastering Digital Channels with APIs

CA API Management

Examining today's biggest API breaches to mitigate API security vulnerabilities Data breaches have become the top news story. And APIs are quickly becoming the hacker's new favorite attack vector. They offer a direct path to critical information and business services that can be easily stolen or disrupted. And your private APIs can be exploited just as easily as a public API. So what measures can you take to strengthen your security position? This webinar explores recent API data breaches, the top API security vulnerabilities that are most impactful to today's enterprise and the protective measures that need to be taken to mitigate API and business exposure. You Will Learn -Recent breaches in the news involving APIs -Top attacks that compromise your business -Mitigating steps to protect your business from attacks and unauthorized access -API Management solutions that both enable and protect your business Learn about API Security at http://www.ca.com/api

Takeaways from API Security Breaches Webinar

CA API Management

At some point, we all need to design and implement APIs for the Web. What makes Web APIs different than typical component APIs? How can you leverage the power of the Internet when creating your Web API? What characteristics to many "great" Web APIs share? Is there a consistent process you can use to make sure you design a Web API that best fits your needs both now and in the future? In this session Mike Amundsen describes a clear methodology for designing Web APIs (based on the book "RESTful Web APIs" by Richardson and Amundsen) that allows you to map key aspects of your business into a usable, scalable, and flexible interface that will reach your goals while creating a compelling API for both server and client developers. Whether you are looking to implement a private, partner, or public API, these principles will help you focus on the right metrics and design goals to create a successful API.

API Design Methodology - Mike Amundsen, Director of API Architecture, API Aca...

CA API Management

Liberating the API Economy with Scale-Free Networks The Web exhibits a feature found in many complex systems known as "Scale-Free" or "Power-Law" networks, sometimes called the "long tail" Most people think of the "long tail" as an economic and/or social property. However, it also represents physical and informational properties fundamental to the way the Web works. But the steady increase in major service outages indicate that many current Web APIs, services, and even client applications ignore this basic "law of the Web." This talk explores the "Scale-Free" rule of complex systems and offers clear and simple advice to those planning to build and/or consume APIs for the Web. Such as what to avoid, what to plan for, what to build, and how to identify & steer clear of clients and services that fail to abide by the rules and, in the process, are making it harder for all of us to liberate the API Economy.

Liberating the API Economy with Scale-Free Networks - Mike Amundsen, Director...

CA API Management

APIs are everywhere: powering mobile apps, enabling cloud computing, connecting people through social networks and helping to create the Internet of Things. Organizations of every kind are evaluating how they can leverage APIs and replicate the success of companies like Amazon, Google and Salesforce. Join this webinar to learn about the #API360 model for enterprise API success. This model covers the full spectrum of considerations for companies looking to succeed with APIs for the long haul. You will also hear more about the upcoming #API360 Summit that will take place in Dallas on February 26. You Will Learn • How leading Web companies have used APIs to boost revenues and market share • How to create an enterprise API strategy that will yield real business results • How to institutionalize best practices that will allow your APIs to evolve and grow

API360 – A How-To Guide for Enterprise APIs - Learn how to position your ente...

CA API Management

Securely Open data as APIs to internal groups and third parties to generate revenue In today's application economy, organizations are leveraging APIs to create new revenue streams. To monetize its information, the enterprise needs a way to transform data into APIs, enforce SLAs and implement a standardized fulfillment process with flexible and integrated billing systems. This webinar will explored how enterprises can overcome these monetization challenges, using an API management solution that securely opens data to internal groups and third parties as APIs, in order to generate revenue.

API Monetization: Unlock the Value of Your Data

CA API Management

The Information Age, 100 years on The rise of the computer and the digital revolution is responsible for an explosion of devices, data, and connectedness. These are all enabling what is called the dawning of the Information Age. And software designers, developers, and architects all share an important responsibility for shaping and guiding the world’s progress through this axial age into the future. However, more than 100 years ago, the work of organizing the world’s information into a single all-encompassing taxonomy had already begun. Partially influenced by the positivist doctrine of Auguste Comte, leading thinkers of the early 20th century such as the librarian Paul Otlet in Belgium, museum curator Patrick Geddes in Scotland, and educator Melvil Dewey in the US were each working to design universal classification systems that would encompass and coordinate the explosion of information appearing in libraries, museums, newspapers, magazines, and eventually even radio, movies, and television. What did we learn in the last century? What have we forgotten? How does their work affect our current trajectory in transforming the work of software and systems design and development? What can we take from Dewey, Otlet, and Geddes with us in to the next 100 years of the Information Age.

Revisiting Geddes' Outlook Tower - Mike Amundsen, Director of API Architectur...

CA API Management

Identity on the Internet is changing. Social networking has kicked off a massive change in how we integrate identity across applications. This is much more than a simple redesign of security tokens and protocols; instead it is a radical redistribution of power and control over entitlements, shifting it away from the centralized control of a cabal of directory engineers and out to the users themselves. There are compelling reasons for this shift: it enables scaling of identity administration, and it promotes rapid and agile integration of applications. These are goals shared by the enterprise, but this change has significant implications on infrastructure, people and process. Join us to learn how you can bring modern identity management into the enterprise.

Managing Identity by Giving Up Control - Scott Morrison, SVP & Distinguished ...

CA API Management

Moving beyond conventional single sign-on to seamless cross-device access with APIs People are carrying more devices every day – with the average being 2.9 per person. Meanwhile, multitasking has gone into overdrive, as users quickly move from laptop to phone to tablet, expecting a seamless experience when accessing their favorite apps. And this expectation is not just limited to leisure and personal use – it extends to business applications. Security has broken this seamless workflow and inhibited the mobile “stickiness” businesses are striving to achieve. This webinar with Scott Morrison and Leif Bildoy of CA Technologies will demonstrate how the right combination of identity functionality and secure APIs can help your organization to overcome these challenges and enable the multi-device universe. You Will Learn • What challenges must be overcome when supporting multiple mobile app types • How SSO is evolving past mobile app access to device access • Why the right implementation of identity and APIs will create consumer stickiness • How the Internet of Things (IoT) is creating new business opportunities

Enabling the Multi-Device Universe

CA API Management

Building APIs That Last for Decades - Irakli Nadareishvili, Director of API S...

CA API Management

The Art of API Design - Ronnie Mitra, Director of API Design, API Academy at ...

CA API Management

APIs Fueling the Connected Car Opportunity - Scott Morrison, SVP & Distinguis...

CA API Management

Adapting to Digital Change: Use APIs to Delight Customers & Win

CA API Management

Today’s enterprise mobility solutions emphasize heavy-handed IT governance of devices and applications that impose a burden on developers and/or users. However, managing data and applications using high performance mobile-optimized infrastructure can enable secure, scalable apps while minimizing the effort required by developers and allowing them to focus on their strengths. Come learn how to facilitate the best of both worlds – multi-layer mobile security using modern standards and a fantastic user experience.

Balancing Security & Developer Enablement in Enterprise Mobility - Jaime Ryan...

CA API Management

5 steps end to end security consumer apps

CA API Management

By now you’ve bought into the idea of using APIs to integrate cloud, mobile devices and the enterprise. But are building safe APIs? One insecure API can increase your organization’s risk profile exponentially. Securing APIs is not like securing the web—a point lost on many developers coming from a web-centric background. Learn what good practices to put in place and the common security anti-patterns you must avoid to ensure your company’s APIs are reliable, safe and secure. You will learn: • The top ways hackers exploit APIs in the wild • Common identity pitfalls and how to avoid them • Why OAuth scopes are essential to master • How to keep web developers from bringing bad habits with them

Best Practices You Must Apply to Secure Your APIs - Scott Morrison, SVP & Dis...

CA API Management

The Internet of Things (IoT) promises to improve our productivity and day-to-day lives by connecting a vast range of devices – from cell phones, to cars, to domestic appliances and even to drones. APIs represent the key technology that will make it possible to integrate and leverage information from all these “things”. There are obvious security and privacy concerns associated with using APIs to expose data and functionality from one device to many others. So, how can we make sure hackers cannot exploit the unprecedented connectivity created by IoT? This webinar will explore key IoT use cases and explain how to address the API security requirements for these use cases.

Drones, Phones & Pwns the Promise & Dangers of IoT APIs: Use APIs to Securely...

CA API Management

The VIP networking lunch will feature a presentation by Keith Junius, Solution Architect, from Veda on ‘Implementing an API Management Platform’. Attendees will hear about how Veda has modernized their B2B API platform by deploying SOA Gateways. Join Layer 7 at this lunch to learn about: • Design considerations for API management platforms • Technical and business challenges faced across the whole system lifecycle • The soft skills required to achieve a successful outcome • Lessons learned during and after the project • Benefits realized by the new platform

Gartner AADI Summit Sydney 2014 Implementing the Layer 7 API Management Pla...

CA API Management

Today, tech-savvy consumers are always connected, using their mobile devices to compare prices, read user-generated reviews and pay for products - and many leading e-tailers already connect their customers to this information. The any time, any place connectivity enabled by mobile devices empowers all retailers to offer the kinds of enhanced shopping experiences modern consumers are becoming accustomed to. To truly satisfy the needs of these well-informed, mobile consumers, retail organizations will need ways to create unified shopping experiences across all channels – from brick-and-mortar stores to the Web to mobile. Increasingly, offering a compelling mobile experience will become the cornerstone upon which these omni-channel shopping experiences are built. In this webinar, you will learn how APIs can: • Help deliver a consistent retail experience across multiple channels • Connect retailers with social data • Extend legacy systems to mobile apps • Enable organizations to make real-time use of contextual data and buying patterns

Using APIs to Create an Omni-Channel Retail Experience

CA API Management

Mehr von CA API Management (20)

Api architectures for the modern enterprise

Mastering Digital Channels with APIs

Takeaways from API Security Breaches Webinar

API Design Methodology - Mike Amundsen, Director of API Architecture, API Aca...

Liberating the API Economy with Scale-Free Networks - Mike Amundsen, Director...

API360 – A How-To Guide for Enterprise APIs - Learn how to position your ente...

API Monetization: Unlock the Value of Your Data

Revisiting Geddes' Outlook Tower - Mike Amundsen, Director of API Architectur...

Managing Identity by Giving Up Control - Scott Morrison, SVP & Distinguished ...

Enabling the Multi-Device Universe

Building APIs That Last for Decades - Irakli Nadareishvili, Director of API S...

The Art of API Design - Ronnie Mitra, Director of API Design, API Academy at ...

APIs Fueling the Connected Car Opportunity - Scott Morrison, SVP & Distinguis...

Adapting to Digital Change: Use APIs to Delight Customers & Win

Balancing Security & Developer Enablement in Enterprise Mobility - Jaime Ryan...

5 steps end to end security consumer apps

Best Practices You Must Apply to Secure Your APIs - Scott Morrison, SVP & Dis...

Drones, Phones & Pwns the Promise & Dangers of IoT APIs: Use APIs to Securely...

Gartner AADI Summit Sydney 2014 Implementing the Layer 7 API Management Pla...

Using APIs to Create an Omni-Channel Retail Experience

Kürzlich hochgeladen

Gurley shaw Theory of Monetary Economics.

Vinodha Devi

The Economic History of the U.S. Lecture 26.pdf

Gale Pooley

Booking open Available Pune Call Girls Shivane 6297143586 Call Hot Indian Girls Waiting For You To Fuck Booking Contact Details WhatsApp Chat: +91-6297143586 pune Escort Service includes providing maximum physical satisfaction to their clients as well as engaging conversation that keeps your time enjoyable and entertaining. Plus they look fabulously elegant; making an impressionable. Independent Escorts pune understands the value of confidentiality and discretion - they will go the extra mile to meet your needs. Simply contact them via text messaging or through their online profiles; they'd be more than delighted to accommodate any request or arrange a romantic date or fun-filled night together. We provide - 01-may-2024(v.n)

Booking open Available Pune Call Girls Shivane 6297143586 Call Hot Indian Gi...

Call Girls in Nagpur High Profile

(DIYA) Bhumkar Chowk Call Girls Just Call 7001035870 [ Cash on Delivery ] Pune Escorts Booking Contact Details WhatsApp Chat: +91-7001035870 nashik Escort Service includes providing maximum physical satisfaction to their clients as well as engaging conversation that keeps your time enjoyable and entertaining. Plus they look fabulously elegant; making an impressionable. Independent Escorts nashik understands the value of confidentiality and discretion - they will go the extra mile to meet your needs. Simply contact them via text messaging or through their online profiles; they'd be more than delighted to accommodate any request or arrange a romantic date or fun-filled night together. We provide - 27-april-2024(v.n)

(DIYA) Bhumkar Chowk Call Girls Just Call 7001035870 [ Cash on Delivery ] Pun...

ranjana rawat

VIP Independent Call Girls in Bandra West 🌹 9920725232 ( Call Me ) Mumbai Escorts * Ruhi Singh * FOR BOOKING ★ A-Level (5-star Escort) (Akanksha): ☎️ +91-9920725232 AVAILABLE FOR COMPLETE ENJOYMENT WITH HIGH PROFILE INDIAN MODEL AVAILABLE HOTEL & HOME Visit Our Site For More Pleasure in your City 👉 ☎️ +91-9920725232 👈 ★ SAFE AND SECURE HIGH-CLASS SERVICE AFFORDABLE RATE ★ SATISFACTION, UNLIMITED ENJOYMENT. ★ All Meetings are confidential and no information is provided to any one at any cost. ★ EXCLUSIVE PROFILes Are Safe and Consensual with Most Limits Respected ★ Service Available In: - HOME & HOTEL Star Hotel Service. In Call & Out call SeRvIcEs : ★ A-Level (star escort) ★ Strip-tease ★ BBBJ (Bareback Blowjob) Receive advanced sexual techniques in different mode make their life more pleasurable. ★ Spending time in hotel rooms ★ BJ (Blowjob Without a Condom) ★ Completion (Oral to completion) ★ Covered (Covered blowjob Without condom ★ANAL SERVICES. Contact me TELEPHONE WHATSAPP Looking for Enjoy all Day(Akanksha) : ☎️ +91-9920725232 Mumbai, Andheri, Navi Mumbai, Thane, Mumbai Airport, Mumbai Central, South Mumbai, Juhu, Bandra, Colaba, Nariman point, Malad, Powai, Mira Road, Dahisar, Mira Bhayandar, Worli, Santacruz, Vile Parle, Lower Parel, Chembur, Dadar, Ghatkopar, Kurla, Mulund, Goregaon, Kandivali, Borivali, Jogeshwari, Kalyan, Vashi , Nerul, Panvel, Dombivli, Lokhandwala, Four Bungalows, Versova, NRI Complex, Kharghar, Belapur, Taloja, Marine Drive, Hiranandani Gardens, Churchgate, Marine lines, Oshiwara, DN Nagar, Jb Nagar, Marol Naka, Saki Naka, Andheri East, Andheri West, Bandra West, Bandra East , Thane West, Ghodbundar Road, There is a lot of talk about it in the media and news, so you might be wondering if this particular service is really worth the effort. A call girl service is exactly what it sounds like – a service where a woman offers sexual services over the phone. This type of service has been around for a long time and has become increasingly popular over the years. In most cases, call girl services are legal and regulated in many countries. There are a few things to keep in mind when considering the choice of whether to use a call girl service. First and foremost, make sure that you are comfortable with the particular person you are using the service from. Second, research accordingly before choosing a call girl. Don't just go with the first provider that comes up in your search; get opinions from others as well. Finally, be sure to have fun while using a call girl service; it's not just about sex. S040524N ★OUR BEST SERVICES: - FOR BOOKING ★ A-Level (5-star escort) ★ Strip-tease ★ BBBJ (Bareback Blowjob) ★ Spending time in my rooms ★ BJ (Blowjob Without a Condom) ★ COF (Come on Face) ★ Completion ★ (Oral to completion) noncovered ★ Special Massage ★ O-Level (Oral) ★ Blow Job; ★ Oral fun uncovered) ★ COB (Come on Body) ★. Extra ball (Have ride many times) ☛ ☛ ☛ ✔✔ secure✔✔ 100% safe WHATSAPP CALL ME +91-992072523

VIP Independent Call Girls in Bandra West 🌹 9920725232 ( Call Me ) Mumbai Esc...

dipikadinghjn ( Why You Choose Us? ) Escorts

Stock Market Brief Deck (Under Pressure).pdf

Michael Silva

05_Annelore Lenoir_Docbyte_MeetupDora&Cybersecurity.pptx

FinTech Belgium

The Economic History of the U.S. Lecture 17.pdf

Gale Pooley

Basic concepts related to Financial modelling

baijup5

Call Girl Mumbai Indira Call Now: 8250077686 Mumbai Escorts Booking Contact Details WhatsApp Chat: +91-8250077686 Mumbai Escort Service includes providing maximum physical satisfaction to their clients as well as engaging conversation that keeps your time enjoyable and entertainin. Plus they look fabulously elegant; making an impressionable. Independent Escorts Mumbai understands the value of confidentiality and discretion - they will go the extra mile to meet your needs. Simply contact them via text messaging or through their online profiles; they'd be more than delighted to accommodate any request or arrange a romantic date or fun-filled night together. We provide –

(INDIRA) Call Girl Mumbai Call Now 8250077686 Mumbai Escorts 24x7

Call Girls in Nagpur High Profile Call Girls

High Class Call Girls Nagpur Grishma Call 7001035870 Meet With Nagpur Escorts Booking Contact Details WhatsApp Chat: +91-7001035870 Nagpur Escort Service includes providing maximum physical satisfaction to their clients as well as engaging conversation that keeps your time enjoyable and entertaining. Plus they look fabulously elegant; making an impressionable. Independent Escorts Nagpur understands the value of confidentiality and discretion - they will go the extra mile to meet your needs. Simply contact them via text messaging or through their online profiles; they'd be more than delighted to accommodate any request or arrange a romantic date or fun-filled night together. We provide - 27-april-2024(v.n)

High Class Call Girls Nagpur Grishma Call 7001035870 Meet With Nagpur Escorts

ranjana rawat

The Economic History of the U.S. Lecture 25.pdf

Gale Pooley

VVIP Pune Call Girls Katraj (7001035870) Pune Escorts Nearby with Complete Satisfaction and Quality Time Booking Contact Details WhatsApp Chat: +91-7001035870 pune Escort Service includes providing maximum physical satisfaction to their clients as well as engaging conversation that keeps your time enjoyable and entertaining. Plus they look fabulously elegant; making an impressionable. Independent Escorts pune understands the value of confidentiality and discretion - they will go the extra mile to meet your needs. Simply contact them via text messaging or through their online profiles; they'd be more than delighted to accommodate any request or arrange a romantic date or fun-filled night together. We provide - 29-april-2024(v.n)

VVIP Pune Call Girls Katraj (7001035870) Pune Escorts Nearby with Complete Sa...

Call Girls in Nagpur High Profile

03_Emmanuel Ndiaye_Degroof Petercam.pptx

FinTech Belgium

Veritas Interim Report 1 January–31 March 2024

Veritas Eläkevakuutus - Veritas Pensionsförsäkring

TEST BANK For Corporate Finance, 13th Edition By Stephen Ross, Randolph Weste...

ssifa0344

Solution Manual for Principles of Corporate Finance 14th Edition by Richard B...

ssifa0344

VIP Call Girl in Mira Road 💧 9920725232 ( Call Me ) Get A New Crush Everyday With Jareena * Mumbai Escorts * FOR BOOKING ★ A-Level (5-star Escort) (Akanksha): ☎️ +91-9920725232 AVAILABLE FOR COMPLETE ENJOYMENT WITH HIGH PROFILE INDIAN MODEL AVAILABLE HOTEL & HOME Visit Our Site For More Pleasure in your City 👉 ☎️ +91-9920725232 👈 ★ SAFE AND SECURE HIGH-CLASS SERVICE AFFORDABLE RATE ★ SATISFACTION, UNLIMITED ENJOYMENT. ★ All Meetings are confidential and no information is provided to any one at any cost. ★ EXCLUSIVE PROFILes Are Safe and Consensual with Most Limits Respected ★ Service Available In: - HOME & HOTEL Star Hotel Service. In Call & Out call SeRvIcEs : ★ A-Level (star escort) ★ Strip-tease ★ BBBJ (Bareback Blowjob) Receive advanced sexual techniques in different mode make their life more pleasurable. ★ Spending time in hotel rooms ★ BJ (Blowjob Without a Condom) ★ Completion (Oral to completion) ★ Covered (Covered blowjob Without condom ★ANAL SERVICES. Contact me TELEPHONE WHATSAPP Looking for Enjoy all Day(Akanksha) : ☎️ +91-9920725232 Mumbai, Andheri, Navi Mumbai, Thane, Mumbai Airport, Mumbai Central, South Mumbai, Juhu, Bandra, Colaba, Nariman point, Malad, Powai, Mira Road, Dahisar, Mira Bhayandar, Worli, Santacruz, Vile Parle, Lower Parel, Chembur, Dadar, Ghatkopar, Kurla, Mulund, Goregaon, Kandivali, Borivali, Jogeshwari, Kalyan, Vashi , Nerul, Panvel, Dombivli, Lokhandwala, Four Bungalows, Versova, NRI Complex, Kharghar, Belapur, Taloja, Marine Drive, Hiranandani Gardens, Churchgate, Marine lines, Oshiwara, DN Nagar, Jb Nagar, Marol Naka, Saki Naka, Andheri East, Andheri West, Bandra West, Bandra East , Thane West, Ghodbundar Road, There is a lot of talk about it in the media and news, so you might be wondering if this particular service is really worth the effort. A call girl service is exactly what it sounds like – a service where a woman offers sexual services over the phone. This type of service has been around for a long time and has become increasingly popular over the years. In most cases, call girl services are legal and regulated in many countries. There are a few things to keep in mind when considering the choice of whether to use a call girl service. First and foremost, make sure that you are comfortable with the particular person you are using the service from. Second, research accordingly before choosing a call girl. Don't just go with the first provider that comes up in your search; get opinions from others as well. Finally, be sure to have fun while using a call girl service; it's not just about sex. S040524N ★OUR BEST SERVICES: - FOR BOOKING ★ A-Level (5-star escort) ★ Strip-tease ★ BBBJ (Bareback Blowjob) ★ Spending time in my rooms ★ BJ (Blowjob Without a Condom) ★ COF (Come on Face) ★ Completion ★ (Oral to completion) noncovered ★ Special Massage ★ O-Level (Oral) ★ Blow Job; ★ Oral fun uncovered) ★ COB (Come on Body) ★. Extra ball (Have ride many times) ☛ ☛ ☛ ✔✔ secure✔✔ 100% safe WHATSAPP CALL ME +

VIP Call Girl in Mira Road 💧 9920725232 ( Call Me ) Get A New Crush Everyday ...

dipikadinghjn ( Why You Choose Us? ) Escorts

Call US 📞 9892124323 ✅ Kurla Call Girls In Kurla ( Mumbai ) secure service

Pooja Nehwal

The Economic History of the U.S. Lecture 20.pdf

Gale Pooley

Kürzlich hochgeladen (20)

Gurley shaw Theory of Monetary Economics.

The Economic History of the U.S. Lecture 26.pdf

Booking open Available Pune Call Girls Shivane 6297143586 Call Hot Indian Gi...

(DIYA) Bhumkar Chowk Call Girls Just Call 7001035870 [ Cash on Delivery ] Pun...

VIP Independent Call Girls in Bandra West 🌹 9920725232 ( Call Me ) Mumbai Esc...

Stock Market Brief Deck (Under Pressure).pdf

05_Annelore Lenoir_Docbyte_MeetupDora&Cybersecurity.pptx

The Economic History of the U.S. Lecture 17.pdf

Basic concepts related to Financial modelling

(INDIRA) Call Girl Mumbai Call Now 8250077686 Mumbai Escorts 24x7

High Class Call Girls Nagpur Grishma Call 7001035870 Meet With Nagpur Escorts

The Economic History of the U.S. Lecture 25.pdf

VVIP Pune Call Girls Katraj (7001035870) Pune Escorts Nearby with Complete Sa...

03_Emmanuel Ndiaye_Degroof Petercam.pptx

Veritas Interim Report 1 January–31 March 2024

TEST BANK For Corporate Finance, 13th Edition By Stephen Ross, Randolph Weste...

Solution Manual for Principles of Corporate Finance 14th Edition by Richard B...

VIP Call Girl in Mira Road 💧 9920725232 ( Call Me ) Get A New Crush Everyday ...

Call US 📞 9892124323 ✅ Kurla Call Girls In Kurla ( Mumbai ) secure service

The Economic History of the U.S. Lecture 20.pdf

Open APIs: Security for Mobile and the Cloud

1. Open APIs: Security for Mobile and the Cloud  Caleb Sima EIR, Andreessen Horowitz February 27, 2012

2. My Perspective  Entrepreneur in Residence, Andreessen Horowitz  CEO Armorize Technologies  CTO Application Security HP  CTO & Co-Founder of SPI Dynamics  Internet Security Systems

3. API Growth: The VC Perspective

4. What’s Driving API Growth? APIs are often driven by business interests instead of by IT

5. The Emergence of Legacy Systems on the Internet Introduces new risk profiles

6. Four Major Issues  Credentials and Authentication  Access Control and Authorization  Validation of Inputs  Misconfiguration

7. Overly Granular Application API Insecure More secure

8. Normal WebApp: One Request - One API Post to Register.aspx with the the following data: Email=csima%40a16z.com&User Name=csima&Password=reallyha rdpassword&ConfirmPassword=re allyhardpassword&Captcha=hatm als

9. With Ajax multiple requests = Multiple Inputs = Bigger Attack Surface CheckUsername(csima) ValidateEmail(csima@a16z.com) CheckCaptcha(hatmals) *Demo Search Final Submission of all data to server

10. Exposed Administrative API Intended use Malicious use

11. What is wrong with this code?  Real world application using Microsoft’s framework

12. A Best Practice—Decouple Security from App Separation of concerns between developer and security admin

13. For further information: February 2012

Open APIs: Security for Mobile and the Cloud

Empfohlen

Empfohlen

Weitere ähnliche Inhalte

Was ist angesagt?

Was ist angesagt? (20)

Ähnlich wie Open APIs: Security for Mobile and the Cloud

Ähnlich wie Open APIs: Security for Mobile and the Cloud (20)

Mehr von CA API Management

Mehr von CA API Management (20)

Kürzlich hochgeladen

Kürzlich hochgeladen (20)

Open APIs: Security for Mobile and the Cloud