Loading…
← Back to schedule
[Virtual Exclusive] PRO API: What Your Exposed APIs Are Leaking
Friday September 12, 2025 10:30am - 10:55am PDT
VIRTUAL API World -- Workshop Stage A (PRO)
Tristan Kalos, Escape, Co-founder and CEO

Many large organizations unknowingly expose vulnerable staging and development APIs, creating opportunities for hackers to access sensitive data. To uncover the scope of this issue, we analyzed 1,000 domains, identifying shadow APIs, leaked API secrets, and critical vulnerabilities like misconfigured GraphQL APIs and exposed Spring Boot Actuator schemas.

In this session, we’ll reveal key findings, share how we scaled API discovery using subdomain enumeration and schema reconstruction, and provide actionable strategies to mitigate risks, such as continuous API inventory and schema validation. Attendees will also gain hands-on knowledge of open-source tools like GraphQL Armor and Goctopus to enhance API security.
Speakers
avatar for Tristan Kalos

Tristan Kalos

Co-founder and CEO, Escape
Tristan Kalos, co-founder and CEO at Escape, draws from a background as a software engineer and Machine Learning Researcher at UC Berkeley. Motivated by firsthand experience witnessing a client's database stolen through an API in 2018, he has since become an expert in API security... Read More →
Friday September 12, 2025 10:30am - 10:55am PDT
VIRTUAL API World -- Workshop Stage A (PRO)
  API World

Sign up or log in to save this to your schedule, view media, leave feedback and see who's attending!

Tweet Share

Get help with the event

Contact event planner Event login
View support guides Find upcoming events
Create an event you'd love to attend!
Explore why organizers choose Sched Success stories
Sched forms Call for papers Badges Conferences Event App Scheduling Event registration Event ticketing
© 2025. SCHED LLC - All rights reserved - Helping events since 2008
Conference Scheduling Software Privacy Terms
Share Modal

Share this link via

Or copy link