I’m an API Hacker and Here’s How I Hack Everything from the Military to AI
RSA Conference 2024 · Track Session
In this candid and insightful talk, Katie, known online as Insider PhD, demystifies the world of API hacking, arguing that its perceived complexity is largely a myth. She contends that API hacking does not require elite technical prowess or sophisticated zero-day exploits: the vast majority of impactful API vulnerabilities stem from "silly mistakes" and fundamental business logic flaws. Katie, an API security researcher and technical marketer at Traceable, shares her journey and demonstrates through real-world examples how she has uncovered critical vulnerabilities in systems ranging from military-affiliated applications to modern AI platforms, often with surprisingly little effort.