From Cisco Systems Inc
Krishan is a Sr. Technical Leader and Evangelist for Security at Cisco DevNet(developer.cisco.com). Prior to DevNet, he was engineering manager with Cisco Security BU developing Cisco Firepower REST APIs. In previous roles at Cisco, he has been part of Corp Dev team focusing on collaboration technology strategy and acquisitions technology diligence. During this role, he was focused on incoming IP source code and development process diligence. Krishan holds an MBA from the Johnson Business School at Cornell University and Master of Science in Computer Engineering from the Wayne State University. As a Pacific Northwest resident in the USA, he loves mountains and enjoys running, bike and snowboard.
API's are awesome! API's provide programmability & stickiness to our products and services. The most important aspect of developing APIs in critical infrastructure products is to ensure that overall service security is maintained. It is often difficult to ensure that new API's do not increase the threat surface or introduce any new vulnerabilities into our current or future services. Our customers and partners are depending on us to minimize this vulnerability exposure risk as they adopt programmability. This hands-on workshop session is designed to create a security-first mindset as we develop and test new API's. The session will include how to establish secured code development process for your APIs, how to choose your API authentication schemes (Outh, token…etc). The most valuable part of this session will be the API threat analysis process, this process helps identify possible vulnerabilities due to our design, how we address these vulnerabilities during design, development and testing phase of APIs.