REST API Security has come a long way from being a case of "Just use SSL"... or has it? On September 18th at 11am US Eastern Time / 4pm UK, we're running a webinar with Gunnar Peterson on the Top 10 Security Issues for REST APIs.
One of the big criticisms of SOAP Web Services was the complexity of the security standards such as WS-Security, WS-Trust, WS-Policy, WS-PolicyAttachment... the list goes on. People wrote whole books about them ;-) . In the case of REST, it can worryingly seem like a case of the Wild West (the "Wild REST"). Now, there are standards such as OAuth, but also there are many conventions such as API Keys which are sometimes implemented insecurely. Even in the case of OAuth 2.0, the implementation itself must be secured. Look out for this, and more, in Gunnar's definitive Top 10.
And because the topic of REST API Security is so hot, we're running the webinar twice :-) . If you're in the Asia-Pacific region, you can attend Gunnar's REST API Security webinar on Tuesday 23 Sept at 10am Hong Kong / 12 noon Sydney/Melbourne time.