Applying MITRE Framework to API Threat Modeling

In this talk, we take a look at the practical issues of security APIs through the length of the MITRE framework.

We discuss:

• An overview of MITRE framework
• How well known API attack vectors map to known adversary tactics and technique
• A real-world use case of an attack that has started as an API breach and got developed into a full-fledged MITRE-style attack
• Effective mitigations for API exploits