Mais conteúdo relacionado

Similar a APIsecure 2023 - Machine Learning in API Security, Sagar Bhure (F5)(20)

Mais de apidays(20)


APIsecure 2023 - Machine Learning in API Security, Sagar Bhure (F5)

  1. 1
  2. Technical Expertise PERSONAL PROFILE ACHIEVEMENTS EDUCATION HOBBIES CONTACT INFO . Master of Technology @IIT Kanpur 2017 Bachelor of Technology @IIT Kanpur 2016 Research Intern @University of Tokyo 2015 LinkedIn: Sagar Bhure email: Website: Aerial photography Travel and Culture and many more …. SAGAR BHURE “You are an essential ingredient in our ongoing effort to reduce Security Risk” ― Kirsten Manthorne Layer 7 Protocol (DNS, HTTP …) Cryptography in Network security Android Application Security Computer Vision, Artificial Intelligence MERN, RPA, HW Security … Two filed patent @USPTO Project Leader at OWASP MLSVS Former Linux Foundation Scholar OWASP CFP/CPT Reviewer $whoami
  3. Overview of ML, API Security Threat ML for API Security Demo Best Practices Q&A Disclaimer: Opinions expressed in the following slides are solely based on opinion and does not simulate real world Presenter – Sagar Bhure 3
  4. ML Overview 4
  5. ML Overview, Why ML?
  6. Traditional API Security
  7. Adding ML to API Security
  8. Type of API Security Threat 8 • Bot attacks targeting APIs Bot Attack •Injection attacks such as SQL injection and cross-site scripting(xss) Injection attacks •Authentication attacks such as brute-force & credential stuffing Authentication Attack •API-specific attacks such as scraping and abuse API Specific Attack •Breaches of data privacy and confidentiality Data privacy and confidentiality
  9. Applying ML to API Security 9
  10. DEMO Good Queries Bad Queries Disclaimer: The Demo in this slide is just for proof-of concept and does not imply real world use case 10
  11. DEMO - Code Overview 11
  12. Best Practices – ML for APISEC 12
  13. Journals & Books 13