LAB 122 - Identifying Insecure APIs

Course Details

Course Number: LAB 122

Course Duration: 5 minutes

Course CPE Credits: 0.25

NICE Specialty Areas

Risk Management (RSK)
Securely Provision (SP)
Software Development (DEV)

Related Learning Paths

Cloud Developer
Web Developer
Q/A Test Engineer
Ethical Hacker

Related Subject Matter

API
Cloud
CSA Top 11 Threats to Cloud Computing
Learn Labs
OWASP API
Web Services/SOAP

Foreign Languages Available:

English

Course Overview

This lab challenges a learner to discover and exploit an existing API vulnerability to bypass authorization mechanisms and steal private files in a cloud application. In this lab, you are an adversary interacting with the application in a legitimate way to discover flaws in a REST API to bypass authorization mechanisms and steal private files that contain AWS Credentials. Participants will also learn best practices to prevent and mitigate broken object-level authorization vulnerabilities related to insecure APIs?

Ready to Demo this course? Questions? Contact Us!