Looking for any training or awareness materials on OWASP API Security Project

[Azzeddine Ramrami]

Hello Leaders,

Looking for any training or awareness materials on OWASP API Security Project.

If you could share any materials this will help in my course and in the coming OWASP training days.

Cordialement/Regards/Mit freundlichen Grüßen/Cordiali saluti/Saludos/تحية خالصة

Dr Azzedine Ramrami   OWASP Morocco Chapter OWASP AppSec Africa President Professeur IPP/ENSTA/AFROP Paris/France   Senior Security Architect Data & Application Security, DevSecOps, Cognitive Security, IoT/OT/ICS/SCADA Security & SIEM (ISC)2 CISSP 558255|Certified Mile2 CPTE/CPTC/CDFE/CSWAE and EC-Council C|EH OWASP RAF Project Leader OWASP CSRFGuard Project Leader

Join us at AppSec Morocco & Africa 2025 November 3/4, 2025 Casablanca/Morocco

Mobile: +33 6 65 48 90 04 / +33 6 10 25 93 15 E-mail:   azzeddin...@owasp.org

[Paulo Silva]

Hi Azzedine,
The OWASP API Security Top 10 is an awareness document by itself and you can find it here [1].
If you want a bit more context on the API Security Top 10 consider watching this presentation by Erez Yalon and Myself @ OWASP Global AppSec 2024 in Lisbon [2].

crAPI [3] is a snip-off project that you can use either for awareness (demo) or training. You can also find plenty of intentionally vulnerable APIs in the OWASP Vulnerable Web Applications Directory [4].

Please let me know in case you're looking for something project-specific.

[1]: https://owasp.org/API-Security/
[2]: https://www.youtube.com/watch?v=hn4mgTu5izg

[3]: https://owasp.org/www-project-crapi/

[4]: https://owasp.org/www-project-vulnerable-web-applications-directory/

Cheers,