Name: Cracking the Code: Defending APIs from Business Logic Attacks (APJ)
Start: 2023-10-26T03:00:00Z
End: 2023-10-26T03:01:00.000Z
Location: BrightTALK
Rating: 4.8

Imperva is a leading provider of cyber security solutions that protect business-critical data and applications in the cloud and on-premises.

The cybersecurity landscape is evolving rapidly, and 2025 is set to bring unprecedented challenges. From advanced threats to shifting technological and political landscapes, staying ahead has never been more critical.

Join our leading security experts, David Holmes and Terry Ray, as they reveal the biggest cybersecurity trends shaping the future. Here’s a few of their key insights:

• API security: From niche to necessity
• Critical infrastructure: Battling escalating threats
• Open-source software: New vulnerabilities on the horizon
• AI-driven breaches: How generative AI is changing the game

Unveiling the Cybersecurity Trends for 2025

$186B annually. That’s the global cost of API insecurity and bot attacks to businesses. In a groundbreaking study, Imperva partnered with the Marsh McLennan Cyber Risk Intelligence Center to analyze over 161,000 cybersecurity incidents, revealing the true cost of API insecurity and bot-driven threats. 

Join our experts as they dive into alarming insights uncovered in this recent study. Gain actionable intelligence, protect your organization and reduce exposure to these ever-evolving digital threats.

Key highlights include:
• Growing financial risks of API and bot-related attacks
• Prevalence of API and bot attacks by company size
• How to develop proactive and adaptive cybersecurity measures

The True Cost of API Insecurity and Bot Attacks in 2024

DDoS Threat Research insights plus live DDoS attack demo with RedWolf Security 

Over the past year, Asia has seen an alarming surge in DDoS attacks, with the Financial Services Industry (FSI) being a prime target. In the first half of 2024 alone, over 45% of Network Layer DDoS attacks in the region were aimed at financial institutions, marking a dramatic increase from previous years. Indonesia and Singapore, in particular, have experienced a staggering spike in these attacks.

Join our webinar to explore the factors driving this wave of cyber threats, including rapid digitalization, geopolitical tensions, and the expansion of financial platforms. We'll also break down critical insights into the rise of Network and Application Layer DDoS attacks, and what financial organizations must do to strengthen their defenses.

Don't miss this chance to stay ahead of evolving cyber risks in the financial sector!

What you will learn:
● Why DDoS attacks are rising in Southeast Asia's Financial Services Industry and the key factors behind it.
● Key trends in Network and Application Layer DDoS attacks across Indonesia, Singapore, and Thailand.
● Watch a live DDoS attack demo and discover effective mitigation strategies.
● Register now to stay ahead of the threat!

The Rise of DDoS Attacks on Financial Services in the APAC Region

Understanding your cloud security posture does not necessarily mean understanding your data posture. Organizations adopting a Cloud-Native Application Protection Platform (CNAPP) to protect cloud-native applications are at risk of leaving data assets exposed. One such risk is shadow data resulting from dynamic changes to data pipelines and services across cloud service providers (CSPs) creating hidden repositories where the data is unknown, undiscovered, or unidentified. Due to the complexity of securing multicloud environments, this can pose significant security gaps leaving cloud teams in the lurch.

In this session, Terry Ray, SVP and CTO of Data Security, Imperva, a Thales company, and Krishna Ksheerabdhi, VP of Product Marketing, Thales Data Security will discuss how organizations are overcoming these blind spots by effectively leveraging in-depth observability, meaningful analytics, and solid data protection practices to reduce data risk from information that drives business growth.

Reining in Shadow Data: Move Beyond CNAPP

Overburdened security teams are constantly weighing the need for robust cybersecurity that doesn’t create an operational burden. Most often, however, teams are forced to sacrifice one for the other. Looking at your return on security investment (ROSI) can help you understand how to best manage these competing requirements for your environment and available resources.

Join our speakers, David Holmes, CTO of Application Security at Imperva and a former Forrester principal analyst, and David Ellis, Vice President of Research at SecureIQLab and author of the SecureIQLab 2024 WAAP Comparative Report, for an expert discussion on:

• Effectively evaluating tradeoffs between security efficacy and operational efficiency for your organization
• Calculating and utilizing a return on security investment metric to secure budget and influence your executive leadership
• Identifying tradeoff traps

Elevate your Security Posture by Balancing Effectiveness and Efficiency

La normatividad PCI DSS 4.0 aborda algunos de los riesgos de arquitectura, control y diseño más importantes a los que se enfrentan las organizaciones a la hora de aceptar y procesar transacciones con tarjetas de pago.

La ciberseguridad y la gestión del fraude están surgiendo como una disciplina fusionada como reconocimiento de que ambas están inexorablemente vinculadas. Este lanzamiento desafiará a las organizaciones a transformar su enfoque actual de la protección de los datos de los titulares de tarjetas y a centrarse en los resultados del riesgo, no en aprobar evaluaciones.

En este webinar hablaremos de los requisitos de PCI DSS 4.0, y como las soluciones de seguridad de aplicaciones impactan en la mayoría de ellos. Conozca con nuestros expertos, cómo una estrategia de protección de aplicaciones ofrece a las organizaciones la certeza de estar en cumplimiento.

Visión general de la seguridad de aplicaciones en el marco de PCI DSS 4.0
Mapearemos las soluciones de Client Side Protection, Bots y APIs y su impacto en requerimientos específicos.
No pierda la oportunidad de conocer cómo abordar estos requisitos con Imperva y como hemos ayudado a muchas organizaciones a poder estar en cumplimiento.

Imperva Webinar Imperva PCI DSS 4.0 (Español)

In this session, our speakers will discuss ways to build a future-proof data security strategy for the evolving cyber landscape, combining a vision of possibility while staying grounded in reality.

Join this webinar to learn about:

- Future-proof data security strategies and risk-based essentials needed to protect against threats and enforce compliance across the organization.
- Key use cases for unifying data visibility and control on-premises, cloud data stores, data lakes, and storage systems.
- Thales Data Security innovations to address the dynamic challenges of the modern threat landscape while keeping your organization digitally resilient.

The Power of a Future-Proof Data Security Strategy

As DDoS attacks become increasingly sophisticated and automated, they pose a growing threat that's harder to defend against. Is your organization protected?

Join us for an exclusive webinar where we will unveil key highlights and strategic recommendations from the 2024 Imperva DDoS Threat Landscape Report. See a live DDoS attack and learn why they are a preferred weapon for cybercriminals.

In this must-attend session, our experts will reveal:
• Insights from the 2024 Imperva DDoS Threat Landscape Report
• Which industries are the top targets
• A live DDoS attack demonstration, emphasizing effective mitigation strategies

Intensifying DDoS Threats: Latest Trends & Live Attack Demo

March of 2025 will mark a pivotal moment in cybersecurity, as PCI DSS 4.0 introduces requirements to combat payment data theft from web browsers. Don't be caught off guard – join our cybersecurity experts and prepare your online organization to thrive in the PCI DSS 4.0 era.

Here’s a few of the topics we’ll cover:
• A look into PCI DSS 4.0's new client-side security paradigm
• Find out how requirements (6.4.3 & 11.6.1) safeguard against fraud and breaches
• Busting compliance obligation myths to ensure regulatory adherence

PCI DSS 4.0 - the New Client-Side Security Frontier

Explore the dynamic shifts in global legislation and compliance standards shaping the roadmap for data security in 2024 and beyond. 

Regulatory and industry association mandates are not new, but worldwide they seem to change daily. For most organizations, the pressure, cost, and effort required to sustain compliance have never been higher. 

Join our experts, who will discuss best practices that organizations are using to ensure essential compensating controls are in place for when the next audit or mandate deadline comes along. Thales and Imperva have come together to provide you with the information and solutions you need to achieve end-to-end data protection, maintain compliance, and reduce risk.  

Join this session to learn how to: 
- Assess your current compliance standings against global regulations, directives, and frameworks such as NIST CSF 2.0, PCI 4.0, NIS 2, DORA, DPDP, POPI, and others 
- Leverage compliance efforts to prevent data breaches, protect sensitive data, and reduce risks 
- Benefit from operational efficiencies and cost-savings from the combined strengths of Thales CipherTrust + Imperva Data Security Fabric data security solutions.

Evolving Legislative and Compliance Landscape: Your Data Security Roadmap

In today's rapidly evolving digital landscape, the migration to cloud infrastructure has become pivotal for organizations seeking enhanced resilience and security. However, this shift brings forth new challenges, particularly in safeguarding sensitive data amidst ever-evolving threats like ransomware and generative-AI attacks, alongside stringent compliance regulations such as NIS2 and PCI 4.0.

Enter data-centric security, offering CISOs transformative opportunities to fortify data protection, compliance adherence, and operational efficiency, thereby nurturing deeper trust with customers. Yet, ensuring robust defense mechanisms remains imperative, given the diverse pathways to data, each with its own unique security demands and vulnerabilities.

In our upcoming webinar, "Thales + Imperva: Trusted End-to-end Data Security" Todd Moore, VP of Data Protection at Thales, and Terry Ray, SVP of Data Security and Imperva Fellow for Imperva, a Thales company, will delve into the strategies that empower organizations to unlock maximum value from their data assets amid the complexities of multicloud environments.

Join us as we explore:
• Adopting a data-first approach to simplify data protection and compliance
• Leveraging the combined strength of Thales and Imperva's state-of-the-art data security platforms
• Applying data security across clouds: private, AWS, Azure, GCP, and ensure parity with your on-premises policies
• Harnessing the latest data security innovations for managing sensitive data, detecting threats, and mitigating risks

Thales + Imperva: Trusted End-to-end Data Security

Confront a growing, modern cybersecurity threat and learn what it takes to build a robust API Security strategy in 2024. With the adoption of APIs continuing to surge,  the importance of securing them has become paramount.  

Join our hosts, Luke Babarinde and Grainne McKeever, as they dive deep into API Security. Uncover why API Discovery is a vital component of any strategy to defend against the ever expanding threat landscape and register today to:

• Gain key insights from The State of API Security in 2024 report

• Learn from a real-world API Security case study 

• Explore key elements of a full-stack Application Security solution

Build a Robust API Security Strategy in 2024

Bad bots are a persistent problem affecting consumers and organizations across industries. As part of our ongoing commitment to helping organizations better understand the challenges and risks associated with automated traffic, we have published the 2024 Imperva Bad Bot Report.

Join our panel of cybersecurity experts, Erez Hasson, Atul Anvekar, and Stephen Dickson, to discover how bad bots force organizations to rethink how they address automated attacks without impacting customer experience.

Attend this session to get:
• Exclusive insights from the 2024 Imperva Bad Bot Report, including the latest 
statistics and emerging trends
• Real-world stories from the frontline battles against bad bots
• Guidelines for detecting and diagnosing bot-related issues in your infrastructure
• Strategic recommendations to safeguard your business from sophisticated bot threats

Battling Bad Bots: The Latest Trends, Stats & Defense Strategies

Advanced cyber threat actors like NOBELIUM and their attack on Microsoft, dubbed "Midnight Blizzard," are increasingly targeting cloud services, putting sensitive data at risk. No cloud provider is 100% safe. 

Today’s multi-cloud environment expands the attack surface, increasing enterprise vulnerability. The advent of behavioral analytics and new data protection strategies helps you be better prepared for today’s advanced cyber threats. At Thales and Imperva, we believe cybersecurity starts with data, and we're committed to protecting data and all paths to it, whether on-premises, multi-cloud, or SaaS.

This webinar is crucial for companies handling critical data (financial, healthcare, etc.), security teams, IT professionals, cloud architects, and security leaders seeking to strengthen their multi-cloud posture. Join our expert-led webinar to learn how to proactively identify and mitigate these evolving threats, as outlined in the MITRE framework.

We'll delve into:
- A deeper understanding of the evolving threat landscape and the tactics used by advanced threat actors
- Practical guidance on implementing behavioral analytics to detect sophisticated anomalies and reduce false positives
- Actionable strategies for data protection, including encryption, access controls, and data loss prevention techniques tailored for multi-cloud environments

Register now to secure your spot and empower your organization with the knowledge to protect your multi-cloud environment.

Detecting and Protecting Against Cyber Attacks to Beat Perimeter Security

APIs have become the backbone of innovation but they have inadvertently created a wider attack surface for cybercriminals.

Without proper security checks, APIs become playgrounds for attackers. Join us as we uncover a growing, hidden danger: business logic abuse.

Some topics we’ll cover:

• How deep discovery and machine learning can provide full API visibility and monitoring
• How to safeguard your most vulnerable APIs, to minimize business logic abuse
• Essential tools needed for evaluating and mitigating Broken Object Level Authorization (BOLA) risk per current IDOR regulatory guidelines
• Full-stack API Security solution vs. pure-play API Security

Cracking the Code: Defending APIs from Business Logic Attacks (APJ)

API Security

BOLA

IDOR

Application Security

Business Logic Attacks

Cybersecurity

APIs

Digital Transformation

Machine Learning

Are you an IT service management professional interested in developing your knowledge and improving your job performance? Join the IT service management community to access the latest updates from industry experts. Learn and share insights related to IT service management (ITSM) including topics such as the service desk, service catalog, problem and incident management, ITIL v4 and more. Engage with industry experts on current best practices and participate in active discussions that address the needs and challenges of the ITSM community.

IT Service Management

Cloud computing has exploded over the past few years, delivering a previously unimagined level of workplace mobility and flexibility. The cloud computing community on BrightTALK is made up of thousands of engaged professionals learning from the latest cloud computing research and resources. Join the community to expand your cloud computing knowledge and have your questions answered in live sessions with industry experts and vendor representatives.

Cloud Computing

Increasing expectations for good governance, effective risk management and complex demands for corporate compliance are presenting a growing challenge for organizations of all sizes. Join industry thought leaders as they provide you with practical advice on how to implement successful risk and compliance management strategies across your organization. Browse risk management resources in the form of interactive webinars and videos and ask questions of expert GRC professionals.

IT Governance, Risk and Compliance

The data center management community focuses on the holistic management and optimization of the data center. From technologies such as virtualization and cloud computing to data center design, colocation, energy efficiency and monitoring, the BrightTALK data center management community provides the most up-to-date and engaging content from industry experts to better your infrastructure and operations. Engage with a community of your peers and industry experts by asking questions, rating presentations and participating in polls during webinars, all while you gain insight that will help you transform your infrastructure into a next generation data center.

Data Center Management

The unexpected nature of natural disasters and other disruptive events means that preparation is key to managing disaster recovery and business continuity planning. Join the business continuity and disaster recovery community for live and recorded presentations discussing best practices for business continuity planning, disaster recovery programs and business continuity management. Learn from BCDR experts to develop your critical infrastructure and gain insight into tactical solutions to your BCDR issues.

Business Continuity / Disaster Recovery

Enterprise applications have become a crucial piece of infrastructure for many businesses. The enterprise applications community on BrightTALK features the latest insights in enterprise application integration, enterprise application architecture and EAS software. Join the community to gain access to thousands of videos and webinars presented by recognized enterprise information systems experts and arm yourself with the knowledge you need to succeed.

Enterprise Applications

Practicing business intelligence allows your company to transform raw data into sets of insights for targeted business growth. The business intelligence and analytics community on BrightTALK is made up of thousands of data scientists, database administrators, business analysts and other data professionals. Find relevant webinars and videos on business analytics, business intelligence, data analysis and more presented by recognized thought leaders. Join the conversation by participating in live webinars and round table discussions.

Business Intelligence and Analytics

Network infrastructure professionals understand that a reliable and secure infrastructure is crucial to enabling business execution. Join the network infrastructure community to interact with thousands of IT professionals. Browse hundreds of on-demand and live webinars and videos to learn about the latest trends in network computing, SDN, WAN optimization and more.

Network Infrastructure

As an IT professional, many of the problems you face are multifaceted, complex and don’t lend themselves to simple solutions. The information technology community features useful and free information technology resources. Join to browse thousands of videos and webinars on ITIL best practices, IT security strategy and more presented by leading CTOs, CIOs and other technology experts.

Information Technology

Thousands of healthcare IT professionals compose the health IT community on BrightTALK. Learn alongside them with relevant webinars on healthcare IT compliance, big data in healthcare and IT solutions for healthcare organizations. Join the conversation by asking questions and engaging with other participants during live webinars and organized discussions.

Cracking the Code: Defending APIs from Business Logic Attacks (APJ)

Presented by

About this talk

More from this channel