Anatomy of an API Attack:
Applying MITRE Framework to API Threat Modeling
In this talk, we take a look at the practical issues of security APIs through the length of the MITRE framework.
An overview of MITRE framework
How well known API attack vectors map to known adversary tactics and technique
A real-world use case of an attack that has started as an API breach and got developed into a full-fledged MITRE-style attack
Effective mitigations for API exploits