From QA to API Security Advocate: How a Single Webinar Changed My Career

A six-year QA engineer’s journey into API security, community, and advocacy

I've been testing software - web, mobile, APIs - you name it, for the past six years. However, until January 2025, I had no idea that API security even existed. That is all changed, however, after discovering a recorded webinar on YouTube by LambdaTest. The guest speaker was Bas Dijkstra, and his talk on API security ignited me. I was completely stunned at how big and neglected this space was in the QA community.

By the end of the session, Bas recommended checking out APIsec University. I did immediately. That single moment fueled the passion that has driven my API security journey, and I haven't looked back since.

I completed my first course, API Security Fundamentals, on January 29, 2025. I went on to take additional courses and even got myself certified as a Certified API Security Analyst.

My experience at APIsec University has been nothing short of amazing. The course content, support, and community have all been exceptional. The Discord community, to me, has been particularly outstanding—it's arguably the most active and supportive I've ever been a member of. I remember asking so many questions in the #course-discussion channel, and never felt once that I was being overlooked. 

Finally, I had a breakthrough: on May13th, 2025, I was selected to be an APISEC University Ambassador. What an immense honor and a dream come true moment. A huge shout-out to Jesse Freeman, Dean of Ambassadors, for believing in me and giving me the platform to champion API security among other Software Quality Assurance (QA) Engineers.
During the May 2025 APISEC|CON, I was also officially recognized as one of the top contributors in the APISec University Discord community for the month of May 2025. A moment of recognition I truly cherish.

One thing Bas Dijkstra said really stuck in my head: “While API security testing sounds like something best left to the experts, there's a lot a QA tester can do with common API testing tools and a healthy dose of curiosity and creativity”.

Ever since I became an ambassador, I've had this attitude fully. APIsec University not only taught me, it empowered me. I now regard myself as an advocate, a voice for the QA community speaking out about the importance of API security.

My first speaking engagement was on the 20th of June, 2025, with the TestarQuarter QA community in Lagos, Nigeria. I spoke about "Identifying Vulnerabilities and Testing for Security Flaws." I am not going to lie, never did I imagine that I would be here so early.
I always dreamed of sharing information with people, but never did I think that the opportunity would come up so early. Huge thank you to Dan and Jesse for giving me the resources and assistance I needed to ensure that session was a success.

It was a thought-provoking session with over 45 QA engineers and Developers in attendance, all eager to learn about API security. I addressed how UI testing is not enough and how QA engineers can leverage the 2023 OWASP Top 10 vulnerability list to identify severe flaws early on. I emphasized that authentication is not authorization—something that opened eyes for most in attendance. I also introduced the APISEC University and APISEC Scanner to the attendees.

You can watch the session here.

The Q&A session was terrific. I answered questions like "How do I begin?" and gave practical uses of the OWASP Top 10 from a QA engineer's own perspective.

Looking back, I'm hugely proud of the professional that I've become. Being an APISEC University Ambassador has provided me with a confidence boost, raised my knowledge, and given me the tools to lead other QA professionals to kick start their journey into API security.

I look forward to what's next –more public speaking opportunities, collaborations and ways to give back.

Thank you, APISEC University, for empowering my growth and inspiring my path

‍