Fabian Magrini | Blog

The sessions I am intending to watch, I'll be refining as I go: https://youtube.com/playlist?list=PLq-S-mihzsNyPQuymvYJzNGP8ji45BMo3 Full playlist here: https://www.youtube.com/watch?v=8V_BUGFKdaI&list=PLdo4fOcmZ0oVlqu_V8EXUDDnPsYwemxjn&index=3 Technical Content https://github.com/dotnet-presentations/dotNETConf/tree/main/2022/MainEvent/Technical Announcements to highlight: https://devblogs.microsoft.com/dotnet/announcing-dotnet-7/ https://devblogs.microsoft.com/dotnet/announcing-dotnet-7/#net-is-for-cloud-native-apps Related sample projects: https://github.com/davidfowl/TodoApi  - Todo REST API samples using ASP.NET Core minimal APIs. See  this tweet https://twitter.com/davidfowl/status/1591480438308339712?cxt=HHwWgIDQhdrBiZYsAAAA for what it showcases.

Good kick off point https://owasp.org/www-project-api-security/ https://cheatsheetseries.owasp.org/cheatsheets/REST_Security_Cheat_Sheet.html https://github.com/OWASP/wstg https://stackoverflow.blog/2021/10/06/best-practices-for-authentication-and-authorization-for-rest-apis/ Around the industry https://www.f5.com/labs/learning-center/securing-apis-10-best-practices-for-keeping-your-data-and-infrastructure-safe https://blog.axway.com/learning-center/digital-security/keys-oauth/api-security-best-practices https://curity.io/resources/learn/api-security-best-practices/ https://medium.com/apis-and-digital-transformation/best-practices-for-building-secure-apis-2b4eb8071d41 https://learn.microsoft.com/en-us/azure/api-management/mitigate-owasp-api-threats https://learn.microsoft.com/en-us/dotnet/architecture/microservices/secure-net-microservices-web-applications/ State of API Security https://content.salt.security/gartner-2022-predicts https://content.salt.security/state-api-report.html Serv