APISEC CON API SecDevOps with Iwan Eising скачать в хорошем качестве

APISEC CON API SecDevOps with Iwan Eising

When DevSecOps Isn't Enough: Introducing SECDevOps for Secure API Design Speaker: Iwan Eising | Chief Architect | Author of Software Engineering Done Right What if you’ve been approaching API security backward? In this powerful session from APISec|Con 2025, Iwan Eising flips the script on DevSecOps and introduces SECDevOps, a paradigm that treats security not as an afterthought or bolt-on, but as a first-class business requirement that drives API design from day one. You'll Learn: Why it’s SECDevOps—not DevSecOps—and why that distinction matters How to use Behavior-Driven Development (BDD) and Domain-Driven Design (DDD) to create secure, context-aware APIs Why most "secure" APIs still fail at behavioral security The secrets to designing APIs that avoid OWASP Top 10 risks (by design) How vague requirements and misaligned assumptions lead to massive security gaps (and revenue delays) Whether you’re building enterprise-grade APIs or guiding security posture for your team, this talk will show you how to design APIs that behave securely, and not just pass a scan. BONUS: Learn about Iwan’s APIsec University course Start Left: API SECDevOps—and grab a sneak peek at his upcoming book Software Engineering Done Right. #APIsecurity #DevSecOps #SECDevOps #AppSec #PenTest #SoftwareArchitecture #OWASP #ShiftLeft #APIsecUniversity #apiseccon