APIs are ubiquitous. Every modern software application uses – or is – an API. Even with this explosive growth, APIs are consistently overlooked in AppSec programs, and attackers are taking advantage of it by increasingly targeting web APIs to gain a foothold, deny access, install bots, escalate privilege and harvest sensitive data. ThreatX co-founder and chief strategy officer, Bret Settle, will discuss the varied types of attack methods used against APIs and share strategies for protecting this growing attack surface.