The OWASP API Top 10 2019

by Lena Reitzle

According to a Gartner report, application programming interfaces (APIs) already account for 40% of the attack surface of web applications – and the trend is rising. Gartner estimates that this figure will rise to 90% by 2021. [1]The trend is more and more towards dynamic single-page applications (SPAs), while classic server-based web applications are gradually being replaced.


22 October 2020: Live Webcast “Explained by a Hacker” – Recording Available

MS Teams and Office 365 are becoming increasingly popular targets: In his webinar “Explained by a Hacker: MS Teams and Office 365 as New Targets for Cyber Criminals” (in German only), Yves Kraft, Branch Manager and Senior Penetration Tester & Security Consultant, demonstrates possible attacks on these platforms using live hacking and explains how companies can protect themselves against such attacks.

Click here for further information and to watch a recording of the webinar from 22 October 2020.

22 October 2020: //heise devSec() – OWASP API Security Top 10

At this year’s //heise devSec() conference, you can learn more about “OWASP API Security Top 10 – How APIs are attacked and How to Develop Securely” in Frank Ully’s presentation, CTO Oneconsult Deutschland GmbH and Senior Penetration Tester & Security Consultant.

//heise devSec() will be held as an online event this year.
Frank Ully’s presentation (in German) is scheduled for 22 October from 12:00 to 12:45.

For further information and registration please check the //heise devSec() website.

13 October 2020: Oneconsult as a Sponsor at the Swiss Cyber Storm 2020

Oneconsult is one of the sponsors of the Swiss Cyber Storm (SCS) 2020.

This year’s SCS will take place on Tuesday, October 13 at 1:30 pm and will be held as a one-hour online event during which Florian Schütz (Federal Delegate for Cyber Security) and Prof. Edouard Bugnion (EPFL) will talk about the most important cyber security topics and trends this year.

Please see the Swiss Cyber Storm 2020 website for further details and the link to the live stream. The event is free, and there is no registration required.

SMEs as Targets of Cyber Attacks

As part of the KMU Digital Webinar Yves Kraft, Branch Manager and Senior Penetration Tester & Security Consultant, in cooperation with AXA demonstrated various threat scenarios for SMEs using multiple live hackings and explained why cyber security is becoming increasingly important for SMEs. [more]