Explore the intersection of API and application security in this 51-minute conference talk by Joe Schottman, a Security Analyst focused on R&D. Gain insights into the OWASP Top Ten Security Risks for APIs and web applications, understanding their commonalities and differences. Learn the fundamentals of APIs, including Web Services and GraphQL, before diving into a comprehensive analysis of various security risks. Discover detection methods and prevention strategies for vulnerabilities such as injection attacks, API weaknesses, and excessive data exposure. Conclude with valuable final thoughts on harmonizing security approaches across both domains to create a more robust defense against potential threats.