Secure Coding

Defending Web APIs

Course Learning Objectives

  • Learn about defenses against insufficient Authentication and Authorization in public and private APIs.
  • Summarize different techniques that defend Web APIs against insufficient input validation and output sanitization.
  • Discover how to defend against insecure communication and identify best practices for secure communication using SSL and TLS.
  • Explore ways of reducing the attack surface of Web APIs by implementing defenses against commonattacks like CSRF, DoS and DDoS.


This course discusses defenses against the common vulnerabilities of today's RESTful Web APIs. We'll cover the security of connecting to APIs, validating input and output, communication channels, and common attacks.


This course is intended for junior developers with some experience using APIs and web services.

Time Required

Tailored learning - 75 minutes total

API101S - Defending Web APIs

$139.00 *prices shown in USD Add to Cart or Subscribe your team

We would like to inform you that we will be discontinuing the self-checkout option for individual course purchases on April 28, 2022. The website for making individual course purchases will no longer be available after April 28, 2022 and all sales queries will be directed to our sales team for processing.

Our records indicate that you have used this option in the past to purchase individual course subscriptions. We urge you to reach out to our sales development representative with any concerns or questions about this transition.

Thank you for your understanding. 


Security Compass eLearning