API Threat Modeling Cheat Sheet

Track: Threat Model
When: Tue PM-1
Organizers Steven Wierckx
Participants Chris Allen , Adam Shostack

Why

We all love Cheat Sheets. They are great to use when you need it but they are also great to learn because they force us to summarize the most important points.

What

  • What are the main Threats against an API?
  • Can we find common Threats that apply to APIs?
  • Are there generic Threats we could check for applicability?
  • Could we organize the Threats in Risk Patterns for APIs?
  • Can they be summarized on a Cheat Sheet form?

Outcomes

A Cheat Sheet covering most common threats against APIs.

Register as participant

To register as participant add API Threat Modeling Cheat Sheet to either:

  1. the sessions metadata field from your participant's page (find your participant page and look for the edit link).
  2. or the participants metadata field from this git session page


Back to list of all Working Sessions