Training API security – protection and access control

Practical information about training

Training description

The training focuses on key aspects of API security, presenting advanced techniques for protection and access control. The program covers both the theoretical basics of API security and practical methods of security implementation. The workshop enables participants to gain hands-on experience in identifying threats, implementing protection mechanisms and auditing the security of software interfaces.

Participant profile

  • Architects of systems security
  • Developers responsible for API security
  • Cyber security specialists
  • Systems security auditors
  • DevSecOps engineers
  • API platform administrators

Agenda

  1. Foundations of API security
    • Threat models for APIs
    • Safety standards
    • Most common vulnerabilities
    • Protection strategies
  2. Authentication and authorization mechanisms
    • OAuth 2.0 implementation
    • JWT tokens and management
    • Roles and powers
    • Identity management
  3. Protection against attacks
    • Preventing OWASP API attacks
    • Validation of input data
    • Rate limiting and throttling
    • Encryption and digital signatures
  4. Monitoring and response
    • Intrusion detection systems
    • Security log analysis
    • Incident response procedures
    • Security audit

Benefits

Acquire advanced knowledge in securing APIs. Gain practical skills in implementing authentication and authorization mechanisms. Acquiring techniques for detecting and preventing attacks on APIs. To learn methods for effective monitoring of the security of interfaces. Developing skills in the area of API security auditing. Mastering best practices for responding to security incidents.

Required preparation of participants

  • Knowledge of the basics of application security
  • Experience in API development or management
  • Basic knowledge of authentication protocols
  • Knowledge of security standards

Issues

  • API threat models
  • Authentication mechanisms
  • OAuth and JWT standards
  • Data validation
  • Rate limiting
  • Encryption of communications
  • Security monitoring
  • Access audit
  • Responding to incidents
  • OWASP Best Practices

Do you have any questions?
Feel free to contact us.

Justyna Kalbarczyk
+48 516 098 221
justyna.kalbarczyk@eitt.academy
31 Ząbkowska Street
03-736 Warsaw

Forms of training delivery

Stationary training

  • Training at the customer's premises or at a designated location
  • Training room equipped with the necessary equipment
  • Training materials in electronic form
  • Coffee breaks and lunch
  • Direct interaction with the trainer
  • Networking in a group
  • Workshop exercises in teams

Remote training

  • Virtual training environment
  • Electronic materials
  • Interactive online exercises
  • Breakout rooms for group work
  • Technical support during the training
  • Recordings of the session (optional)

Possibility of funding

The training can be financed with public funds under:

  • National Training Fund (KFS)
  • Development Services Base (BUR)
  • EU projects implemented by PARP
  • HR Academy Program (PARP)
  • Regional operational programs

If you are interested in funding, our team will help you prepare the required documentation.

HAVE A QUESTION?

+48 22 487 84 90

biuro@eitt.pl

Contact us for more information about our training, programs and cooperation. We will be happy to answer all your inquiries!

?
?
I have read and accept the privacy policy. *

They trusted us

MAN Truck & Bus Polska Sp. z o.o.
mBank S.A.
AGORA S.A.
Amway Poland
Aptitude
Atende S.A.
Atos Poland S.A.
Becton Dickinson Polska sp. z o. o.
Berner Polska Sp. z o.o.
Credit Information Bureau S.A.
BNP Paribas Polska S.A.
Bridgestone Europe S.A.
Capgemini
CEDC International Sp. z o.o.
Comtegra S.A.
ENERGA Information and Technology
General Directorate of National Roads and Highways.
ING Bank Śląski S.A.
Kredyt Inkaso S.A.
KPMG Ltd.
Leroy Merlin Polska Sp. z o.o.
SII Ltd.
Sopra Steria Polska Sp. z o.o.
Polska Wytwórnia Papierów Wartościowych S.A.
See more

Get to know our company

Who we are

We create
dedicated workshops

Team

A team of experienced
expert practitioners

Accreditations

We focus on the highest quality
training services

Do you have any questions?
Feel free to contact us.

Justyna Kalbarczyk
+48 516 098 221
justyna.kalbarczyk@eitt.academy
31 Ząbkowska Street
03-736 Warsaw

FAQ - Frequently Asked Questions

We offer training in a variety of tailored formats: onsite (at the client's location or our training center), live online interactive with a trainer, and in a hybrid format. Detailed information about the available delivery forms for a specific training is always included in its description on the website.
Open online trainings usually take place from 9:00 - 17:00 Polish time. In the case of closed trainings dedicated to companies, the schedule is flexible and we arrange it individually with the client to best fit the needs of the organization.
We use proven and popular video conferencing platforms, such as Microsoft Teams and Zoom, to conduct interactive online training. They provide seamless communication, the ability to work in groups and direct contact with the trainer. We provide information about the platform used in a specific training to participants before the training begins.
To comfortably participate in the online training, all you need is a standard computer (desktop or laptop) with stable internet access and an up-to-date version of a web browser installed. We recommend using headphones with a microphone for better sound quality and communication, although this is not absolutely required. Having a webcam is usually not mandatory either.
Yes, each participant receives a set of training materials prepared by our experts. We usually provide them in electronic form (e.g., PDF files) a few days before the start of the training, after confirmation of participation and payment.
Upon successful completion of most of our training courses, participants receive a named EITT Certificate of Completion, confirming the competencies gained. In addition, we offer accredited training courses (e.g., ITIL®, PRINCE2®) that prepare for official internationally recognized certification exams. Information about the type of certificate available after a specific training is always included in the detailed description of the training.
The enrollment process depends on the type of training. For open trainings (open to anyone who is interested), you can sign up directly through the application form available on the page of the particular training. If you are interested in closed training (dedicated to employees of one company), please contact us directly by email or phone - we will prepare an offer tailored to your needs.
As standard, the price of the training includes: participation in classes taught by an experienced trainer-practitioner, a set of original training materials in electronic form, and a named EITT Certificate of Completion. For accredited training courses, the price often also includes the cost of taking the official certification exam. The detailed scope of benefits for a given course is always given in its description.
The preferred form of payment for our training courses is by bank transfer, executed on the basis of an issued pro forma invoice or VAT invoice. Detailed information on payment terms and conditions is provided in the process of confirming the enrollment in the training or can be found in the regulations.
Of course! Our specialty is closed-door training, designed "tailor-made" - according to the individual needs and business objectives of a given organization. If you are interested in a topic outside of our regular offerings or would like to modify the program of an existing course, feel free to contact us. We will be happy to prepare a dedicated solution.
We are flexible and adapt to the client's needs. We can organize closed trainings even for small groups - usually the minimum number of participants is 4 people, and the cost is often calculated for the whole group. Taking care of the highest quality and comfort of learning, in case of very large groups (more than 40 people) we usually recommend dividing into smaller teams to ensure effective interaction.
Your feedback is extremely important to us, as it allows us to continuously improve our offerings. After each training session, we send participants a link to a short online evaluation survey. You can also always contact us directly by email or phone to provide your comments.
  1. One-pager invitation with deadlines
  2. Project kick-off
  3. Strategic leadership and thinking
  4. Communication and Cooperation. Conflict management
  5. Motivating, engaging and difficult decisions in business
  6. Managing Change and Innovation. Leadership in crisis
  7. Building the organization of the future
  8. Best practices workshop - retrospective; creating a coherent program for middle and lower management levels