Corey Ball
Corey Ball is the author of Hacking APIs and founder of APIsec University a completely free learning platform with over 120,000 students. He was the winner of the SANS Difference Makers Award for book of the year. With over 15 years of experience in IT and Cybersecurity, Corey now leads penetration testing as the CEO of hAPI Labs.
Session
"Instant API Hacker" is a fast-paced, 20-minute presentation that demonstrates how quickly someone can learn to identify and exploit API vulnerabilities. Led by Corey Ball, author of "Hacking APIs" and founder of APIsec University and hAPI Labs. This talk provides a practical introduction to API security testing using real-world tools and techniques. Attendees will witness the exploitation of critical vulnerabilities from the OWASP API Security Top 10, including broken authentication, authorization flaws (BOLA), and excessive data exposure. Through live demos using the crAPI vulnerable lab, participants will see firsthand how APIs can be compromised and gain actionable insights they can apply immediately. The presentation concludes with free resources for continued learning, including access to vulnerable labs and APIsec University courses.