OpenAPI definitions are traditionally used to expose API functionality to customers. But a wave of tools has emerged in the past year that makes it possible to test and secure APIs automatically from OpenAPI definitions.
In this talk, we explain why OpenAPI specs are well suited to security and present a set of tools you can leverage today to make your APIs more robust to attacks, starting at design time.
What you will learn:
- Security options and why they matter
- Defining the interface: why you must specify everything
- Why you need to take control of your schemas
- Why specifying responses thoroughly matters