Our Mission

We are here to provide free, high-quality education and resources on all aspects of API security that are easily accessible across the globe.

The API Security University (APIsecU) was founded on the belief that web application programming interfaces (APIs) are a vital pipeline for data to flow across the Internet. We realized that APIs are a leading attack vector for criminals and are continuously being adopted by organizations without sufficient security controls in place. At scale, this situation creates a perfect storm for criminals to breach data, devastate businesses, and expose sensitive information worldwide.

Recognizing this growing threat, we identified an urgent need for educational resources dedicated to application security.

APIsecU is committed to empowering defenders with the knowledge and skills they need to protect APIs effectively. Our mission is to provide accessible, high-quality, and free content to the global community of security professionals, IT specialists, developers, and organizations.

Through our educational platform, we aim to foster a community of defenders who can help discover and reduce vulnerabilities, enhance the resilience of APIs against evolving threats, and continuously help organizations protect their users and data from attacks.

May your API security experience be filled with prosperous bounties, the discovery of new CVEs, the inspiration to share your knowledge, and a deep satisfaction for helping prevent the next data breach.

hAPI Hacking!

Why Cyber Experts Love
APIsec University

APIsec U is a popular choice for students interested in API security. Our flexible and interactive courses are taught by leading experts in IT Security. With over 65,000 students, the course provides hands-on instructions for deepening industry knowledge. We focus on delivering high-quality education and skills needed for success in the field.

Photo of Gabrielle B.

Gabrielle B

APIsec University Graduate

I highly recommend taking the API Penetration Testing course by Corey J. Ball on APIsec University. I had a blast working on this course. You will have the opportunity to learn and apply the concepts right after with a hands-on lab that you can install and deploy yourself."

"
Photo of David Bombal

David Bombal

Author, Instructor and YouTuber

I love what you’ve done, if you take the free course, within a month, two months, three months, you can do this. Thank you so much for creating a free course and making this available to people around the world."

"

Meet Our Founders

Photo of Dan Barahona

Dan Barahona

We created APIsec University to provide much-needed API security training - and to build a community for current, and aspiring, cyber professionals."

"

Dan Barahona

Dan brings over 20 years of cybersecurity experience with executive leadership roles at APIsec, Qualys, Anomali, ArcSight and others. He’s led Product Development, Sales teams, and Marketing at startups and publicly traded companies. Dan co-founded APIsec University with Corey Ball in 2022 to help develop a new army of API security defenders. He earned engineering degrees from Rensselaer Polytechnic and Cornell University, and an MBA from University of Michigan.

Photo of Corey Ball

Corey Ball

API Security Expert

You can design an API you think is ultra-secure, but if you don't test it, then a cybercriminal somewhere is going to do it for you."

"

Corey Ball

Corey Ball has emerged as one of the leading experts in API security and is the author of Hacking APIs. Corey is a cybersecurity consulting manager at Moss Adams, where he leads its penetration testing services. He has over ten years of experience working in IT and cybersecurity across several industries, including aerospace, agribusiness, energy, financial tech, government services, and healthcare.

Advisory Board

Photo of Raj Umadas

Raj Umadas

Director of Security
at ActBlue
Photo of Alex Savage

Alex Savage

Head of Integrations
at Advanced
Photo of Gabrielle B.

Gabrielle Botbol

Offensive Security Advisor at Desjardins
Ads Dawson, Senior Security Engineer at Cohere

Ads Dawson

Senior Security Engineer at Cohere

Interested in using APIsec U courses internally?
Read up on our LMS-friendly courses here.

Meet Our Instructors

Photo of Jason Harmon

Jason Harmon

LinkedIn
CTO at Stoplight

As CTO of Stoplight, Jason Harmon oversees a world-class engineering team seeking to solve the software industry’s API design problems.

Photo of Corey Ball

Corey Ball

LinkedIn
Senior Manger,
Pentesting at Moss Adams

The author of Hacking APIs, and founder of APIsec University, Corey has emerged as one of the leading experts in API security.

Photo of Dan Barahona

Dan Barahona

LinkedIn
Head of Growth at APIsec

Dan brings over 20 years of cybersecurity experience with executive leadership roles at APIsec, Qualys, Anomali, ArcSight and others.

Shaked Edri, Data Analyst Team Lead, Upstream Security

Shaked Edri

LinkedIn
Data Analyst Team Lead, Upstream Security

Shaked is an experienced data analyst and product manager with 7 years of expertise. She thrives on tackling complex data-driven challenges, especially in the automotive and smart mobility field.

Tom Kaplan, Data Analyst Team Lead, Upstream Security

Tom Kaplan

LinkedIn
Data Analyst Team Lead, Upstream Security

Tom, with over 7 years of experience in data analytics and cybersecurity, leads a team of data analysts. His passion is analysing data to enhance cybersecurity, particularly in the connected vehicle realm.

Anthony Aragues

Anthony Aragues

LinkedIn
Head of APIsec Labs

Anthony has a 20+ year career in Security for government, enterprise and small companies.
He brings security knowledge from a well rounded perspective of being an active developer, security researcher and support for customers in the field.