Exposed API Tokens: Uncovering Critical Security Risks at Scale

Revisit one of our sessions from API Summit 2024!

Exposed API tokens present significant risks to organizations. This session showcases the findings of recent research that analyzed 1M domains and revealed over 18,000 API tokens and RSA keys (41% classified as highly critical). We'll detail unique web scanning methodology, sensitive data discoveries, and potential financial losses (e.g., $20M in vulnerable Stripe tokens). In addition, we'll cover remediation strategies and explore what it all means for the current state of API Security. Get equipped with knowledge of how to find API secrets at scale, and guidelines for effective risk mitigation.