How to test WAF and API protection solutions

Majority of the fintech, health tech, and e-commerce companies have had WAF/RASP/NGWAF and API security solutions installed for years to protect their APIs, but also due to PCI DSS, SOC2, and HIPAA compliance requirements, bot mitigation, and OWASP Top-10 attack prevention needs.

During the workshop, an audience will learn and practice in the following topics:

  • How to run OWASP Top-10 attacks tests
  • How to test API security threats prevention solutions for REST/SOAP/XMLRPC, and GraphQL
  • How to test application security solutions on false positives;
  • Understanding blocking and false positives statistics and preparing custom reports

Requirements for the lab:

  • Windows/Linux or macOS machine with Docker installed
  • Lab session will be based on open-source tools available for an audience

Our speakers:

Watch the webinar