All content for APIs Over IPAs is the property of Moesif API Observability and is served directly from their servers
with no modification, redirects, or rehosting. The podcast is not affiliated with or endorsed by Podjoint in any way.
18: Platform Engineering and Reducing Operational Overhead with Nuwan Dias, WSO2 by Moesif API Observability
Alissa Knight, partner at Knight Inc Media, shares her insights into how to protect your APIs and what's in store with the latest version of FHIR.
Specifically, we cover:
• Avoid prison yellow and become an ethical hacker
• Authentication doesn’t equal authorization
• Protect against BOLA with scopes
• Don’t use WAFs to protect your APIs
• Know what traffic is going to your API
• Shift left security. Shield right.
• PHI is worth 1,000X credit card info
• APIs are the weakest link in healthcare
• APIs have multiple attack surfaces
• Banning apps from jail-broken phones doesn’t help
• Use MobSF to find API keys
• APIs need to comply with FHIR
• Implement FHIR correctly
• Get FHIR certified
• FHIR certification versus HIPAA compliance
• There’s no one right solution for API security
• Instrument your APIs
APIs Over IPAs
18: Platform Engineering and Reducing Operational Overhead with Nuwan Dias, WSO2 by Moesif API Observability
