12. API Security and FHIR Recommendations - podcast episode cover

12. API Security and FHIR Recommendations

APIs Over IPAs
Sep 24, 202147 min
--:--
--:--
Listen in podcast apps:
Metacast
Apple Podcasts
Spotify
Download
YouTube
Overcast
Pocket Casts
Episodes.fm
Download Metacast podcast app
Listen to this episode in Metacast mobile app
Don't just listen to podcasts. Learn from them with transcripts, summaries, and chapters for every episode. Skim, search, and bookmark insights. Learn more

Episode description

Alissa Knight, partner at Knight Inc Media, shares her insights into how to protect your APIs and what's in store with the latest version of FHIR. Specifically, we cover: • Avoid prison yellow and become an ethical hacker • Authentication doesn’t equal authorization • Protect against BOLA with scopes • Don’t use WAFs to protect your APIs • Know what traffic is going to your API • Shift left security. Shield right. • PHI is worth 1,000X credit card info • APIs are the weakest link in healthcare • APIs have multiple attack surfaces • Banning apps from jail-broken phones doesn’t help • Use MobSF to find API keys • APIs need to comply with FHIR • Implement FHIR correctly • Get FHIR certified • FHIR certification versus HIPAA compliance • There’s no one right solution for API security • Instrument your APIs
For the best experience, listen in Metacast app for iOS or Android
Open in Metacast
12. API Security and FHIR Recommendations | APIs Over IPAs podcast - Listen or read transcript on Metacast