F5 API Security Lab Day


This event qualifies for 2.4 CPEs


Join F5 for this special interactive Capture the Flag competition where you will join with your peers to hunt for API vulnerabilities. See who has what it takes to identify vulnerable APIs and ultimately Capture the Flag!

 

In this lab and Capture the Flag exercise, you will learn how to identify and mitigate:

  • Hard-Coded Secrets: Many applications exchange user credentials for a hard-coded token or key.
  • Broken Authorization: Providing blanket access to the API keys has proven detrimental to multiple mobile and web applications.
  • Data Access Control on User Interface (UI): APIs can pull more data from a server than an app is authorized to share.
  • Security Check for User Interface (UI): Checks are built into the UI, but they can be circumvented with man-in-the-middle tools or API tools.
  • Weak Tokens: JSON Web Token (JWT) without a proper cryptographic signing mechanism can lead to privilege escalation.
  • Credential Stuffing: Bots can be used to scrape APIs for data or used to validate stolen credentials.
  • Version Troubles: APIs are often changed to add functionality or remove unused features.
Register Now to secure your spot!

Speaker and Presenter Information

Peter Scheffler, Senior Solutions Architect, F5

 

Arnulfo Hernandez, Solutions Architect, F5

Relevant Government Agencies

Other Federal Agencies, Federal Government, State & Local Government

Members who viewed this event also viewed:


Register as Attendee


Add to Calendar


This event has no exhibitor/sponsor opportunities


When
Thu, Jun 5, 2025, 12:00pm - 3:00pm ET


Cost
Complimentary:    $ 0.00



Website
Click here to visit event website


Event Sponsors


Organizer
F5 Government Team at Carahsoft


Contact Event Organizer



Return to search results