Description
In this course, you will:
- Discover how to secure REST APIs and create a secure software development lifecycle.
- Learn about SSL/TLS/X.509 Certificates and whether they are all the same or different.
- Discover how to score vulnerabilities.
- Discover the distinctions between client and server rendering.
- Learn about zero trust and its seven tenets.
- Learn how to select the appropriate TLS protocol, version, and ciphers.
- Understand the importance of access control and where and how to place it in the architecture.
- Learn about the JWT token and its role in security.
- Learn about input validation and its role in preventing 90% of attacks.
- Learn how to use the proper content type and HTTP method.
- Learn the best practices for implementing REST API security.
Syllabus:
1. Securing REST API
- Introduction: Why We Need to Secure REST APIs
- REST API Using HTTPS
- Additional Controls for HTTPS Security
- REST API Authentication and Access Control
- Standardize JWT for Security (Access) Token
- REST API Input Validation
- Allowed HTTP Methods
- REST API Content-Type Validation
- REST API Best Practices