Oct 17, 2025 – Jeremy Snyder – EMBEDDING API SECURITY BY DESIGN INTO DEVOPS PIPELINES Recently, I did a presentation titled “Embedding API Security by Design into DevOps Pipelines” at DevOps institute. The video is available for review on the post-event page here (registration required). “ Also, the good people at Mind’s Eye Creative produced a really nice graphic that helps explain the message that I was trying to convey. Embedding API security into DevOps pipelines Here’s a tl;dr version of what I hoped to communicate in this presentation: * Organizations are moving towards more platform-as-a-service (PaaS) offerings
* Part of the motivation for doing this is more API-oriented architecture
* But cyber attacks against APIs are actually increasing pretty rapidly, with very real impact and lots of sensitive data leaked
* The main attack vectors (authentication, probing, authorization, injection / bad requests) are things that can be easily detected and controlled at the application layer
* As such, defining the security controls around those can and should be done in your API
* Helper files and dedicated libraries can then check the validity of API requests in real-time IMPLEMENTING REAL-TIME API SECURITY IS POSSIBLE, AND SHOULD BE EASY. THAT’S WHERE FIRETAIL HOPES TO HELP. Please contact us if you’d like to discuss how.
First seen on securityboulevard.com
Jump to article: securityboulevard.com/2025/10/devops-institute-skilup-presentation-embedding-api-security-by-design-into-devops-pipelines-firetail-blog/
