Solving the Next Generation of Application Security Solutions Forum

  • Thursday, 04 Aug 2022 11:00AM EDT (04 Aug 2022 15:00 UTC)
  • Speaker: Chris Dale

Modern applications are extremely hard to secure and protect. Micro-services, APIs, and cloud services are complex and continuously changing. Traditional security solutions that focus on building a higher wall, a deeper moat, are simply too static and too slow to respond to the pace of continuous change and attacks. Now is the time to close the divide between teams and renew the focus on application security to support the next generation of business innovation.

This solution forum will showcase a new approach to Application and API security. Security through observability, where security has the context of the application and is able to mitigate fraud and abuse. It’s time to bring engineering, operations, and security together for the next generation of application security.

Join the SANS Solutions Forum Interactive Slack Workspace for this event (and all SANS Forums)! Connect once and you're set for all events in 2022!




Agenda | August 4, 2022 | 11:00 AM - 3:00 PM EDT



11:00 AM

Welcome & Opening Remarks

Chris Dale, SANS Instructor & Subject Matter Expert

11:10 AM

Why API Security

Modern business success is defined by the ability of leaders to inspire their teams to innovate and deliver value for their customers. In a rapidly changing and competitive market, speed and velocity is the key to success. However, modern applications also face incredibly complex technical and business challenges. Learn from serial entrepreneur and investor Jyoti Bansal about the key principles that leaders need to account for when building their teams and defining their culture.

Jyoti Bansal, Founder and CEO, Traceable AI & Harness

11:30 AM

State of API Security - Research Report

API security features require specialist skills and are a category of tooling to themselves. Tooling, expertise, and technical capabilities in API security are expanding rapidly to meet an ever-growing global digital economy that is powered by APIs. In this session, we will discuss the findings of the API Security Landscape 2022 report, highlighting the current and emerging trends in API security and share a preview of the API Security landscape.

Ashish Kuthiala, Chief Marketing Officer, Traceable AI

11:50 AM 

API Security Requirements - What you need to have

Several years ago, we became captivated by the new reality posed by Andreessen Horowitz that “software is eating the world”. However, things have changed again. APIs are now eating the world. But how can we secure them? Appsec practices now heavily depend on API security. However, traditional application security tools such as legacy WAFs, RASP, as well as the long list of testing solutions like SCA, SAST and DAST aren’t enough, as they don’t look at the unique behavior and functionality of APIs. They are simply ineffective at detecting and blocking API attacks. To effectively protect APIs, we need to analyze the unique context of APIs with a platform of capabilities and not a one-off scanner. Learn from Traceable AI CTO and co-founder, Sanjay Nagaraj, as he explains the evolution of APIs and provides a new industry framework to help you identify the must-haves in an API security platform.

Renata Budko, Head of Product, Traceable AI
Sanjay Nagaraj
, Co-founder and CTO, Traceable AI

12:10 PM


12:20 PM

API Security, Abuse and Data Leakage

API's are the interconnectivity pipe through which data flows between apps and to/from users including threat actors. As the amount of sensitive data which flows through API's increases manifold it is imperative that security teams get a better understanding of the volumes of traffic leaving their apps. From fake accounts creation to account takeovers to data exfiltration to API Fraud the abuse of API's needs a new approach to ensure API's don't become the attack vector for data breaches.

Sudeep Padiyar, Traceable AI

12:50 PM

API Catalog: First step towards API Security

API security begins with being able to automatically monitor, catalog and track changes to APIs and their distributed interactions in real time. In this session we talk about the need for an actionable API Catalog, functionality that such a catalog needs to provide and how security teams can go about creating one.

Amod Gupta, Product Manager, Traceable AI

1:10 PM

Traceable Demo / Overview

In this demo, we will show how Traceable AI helps you improve your security posture and reduce the risks of API attacks.

Anoop Kartha , Systems Engineer, Traceable AI

1:30 PM


1:40 PM

WORKSHOP - Hands On -API Security with Traceable AI

This workshop will illustrate how Traceable AI can help you get a running start, and a huge boost, on your journey of API security. We’ll look at key capabilities and see how they come together to provide API security observability to help your teams to secure their APIs and API-driven applications. Attendees will learn: 

  • Getting started with Traceable AI
  • Getting visibility into all your APIs and risk profile
  • Protecting your APIs from attacks
  • How effective API security is based on observability

Dan Gordon, Director of Technical Evangelism, Traceable AI

2:25 PM
Success Stories - Overcoming API Security Challenges

Learn from other experts in their journey to improve and secure their APIs. This panel discussion will explore common challenges and hurdles different security leaders faced when tackling API security in their organization.

Dana Gardner, Director of Content, Traceable AI

2:55 PM

Wrap-Up and Closing Remarks

Chris Dale, SANS Instructor & Subject Matter Expert