Security · Online live
API Security Hardening
OAuth2, mTLS, and threat modeling for public and partner APIs.
₩1,350,000 · 7 weeks · Advanced
Request informationOverview
Apply OAuth2 flows, scope design, and mTLS for B2B integrations. Includes threat modeling workshops tailored to API surfaces.
What is included
- OAuth2 authorization code and client credentials
- JWT validation pitfalls and rotation
- mTLS setup for partner gateways
- OWASP API Top 10 walkthrough
- Secrets management patterns
- Audit logging for sensitive endpoints
Outcomes
- Complete a threat model for one API
- Configure OAuth2 with scoped tokens
- Document key rotation procedure
Mentor
Hak-soo Choi
Security mentor; former appsec consultant for SaaS vendors.
FAQ
Penetration testing included?
We teach methodology; live pen tests on your employer systems are not part of the program.
Prerequisites?
Completed REST API Design Foundations or equivalent experience.
Certification?
Internal completion certificate only.
Reviews
"mTLS partner lab was the clearest explanation I have seen — diagrams helped."
"OAuth scope worksheet is now our team default."