BROADCASTS.com

This episode features guest Alissa Knight, former hacker and partner at Knight Ink, along with Karl Mattson, CISO from Noname Security, discussing findings on severe API vulnerabilities in U.S. banking applications research that was conducted by Alissa and funded by Noname Security. The research, \u201cScorched Earth: Hacking Bank APIs,\u201d unveils a number of vulnerabilities in the banking, cryptocurrency exchange, and FinTech industries.\nIn her Money 20/20 keynote presentation entitled \u201cScorched Earth: Hacking Bank APIs\u201d. In her presentation, Alissa revealed that she was able to gain access to 55 different banks and change PIN codes and move money in and out of accounts.\xa0Three lessons learned include: API security vulnerabilities affect all enterprises, API security needs to be operationalized across the enterprise, and API security requires posture management, runtime security, and active testing.\nDetails can be found here:\n\nWhite paper: Hacking Banks and Cryptocurrency Exchanges Through Their APIs\n\n\nBlog post: 3 API Security Lessons from \u201cScorched Earth: Hacking Bank APIs\u201d\n\n\nPress release: New Research Shows Vulnerabilities in Banking, Cryptocurrency Exchange, and FinTech APIs Allow Unauthorized Transactions and PIN Code Changes of Customers\n\n\nAlissa's presentation at Money 20/20.\n\n\nLearn more about your ad choices. Visit megaphone.fm/adchoices