APISECCON 2026: Welcome, State of API Security & New Tools | Dan Barahona & Jesse Freeman скачать в хорошем качестве

APISECCON 2026: Welcome, State of API Security & New Tools | Dan Barahona & Jesse Freeman

Welcome to APISECCON 2026! In this opening session, APISEC University co-founders Dan Barahona and Jesse Freeman kick off the conference with the latest news in API security, a preview of the day's speakers, and announcements about new tools and certifications from APISEC U. They cover recent real-world API breaches including a FlowWise password reset endpoint that leaked reset codes in the API response, a Formula One mass assignment vulnerability that granted admin access to driver accounts, a $41M SwissBorg crypto theft via a compromised third-party API, and the first documented MCP supply chain attack — a community-built Postmark MCP that secretly BCC'd every outbound email to an attacker. The session also spotlights APISEC U's newest tools: Bolt (a browser-based API recon and manipulation tool), MCP Audit (an open-source tool for scanning repos for MCP misconfigurations), and the new APU+ certification. Jesse previews his upcoming course on building an API security program from scratch. Whether you're new to API security or a seasoned practitioner, this is the perfect primer for everything APISECCON has to offer. 🔗 Resources mentioned: Bolt browser extension: https://chromewebstore.google.com/det... MCP Audit (open source): https://apisec-inc.github.io/mcp-audit/ APU+ Certification: https://www.apisecuniversity.com/cour... APISEC University (free courses): https://www.apisecuniversity.com #APISecurity #APISECCON #MCP #BugBounty #AppSec