Dmitry Sotnikov

Dmitry Sotnikov

Chief Product Officer

Country: United States
Area of Interest: Smart Cities


Dmitry Sotnikov serves as Vice President of Cloud Platform at 42Crunch – an enterprise API security company – and also maintains, a popular community site with daily API Security news and weekly newsletter on API vulnerabilities, breaches, standards, best practices, regulations, and tools. Dmitry has more than two decades of experience in enterprise IT software and cloud computing – holding executive positions with companies such as WSO2, Jelastic and Quest Software.


When APIs are IoT's Weakest Link: Security Horror Stories

IoT systems can affect our physical safety and thus have to be secure by design. However, modern-day IoT systems include a lot more than the devices and physical equipment themselves. They increasingly are made of devices, cloud services, mobile and web applications, and APIs putting them all together. These intercomponent API calls typically happen on public networks.

By definition, APIs are available for discovery, remote calls, and scripted mass invocations by rogue actors. This makes proper API security design, validation, testing, and enforcement critical.

In this session we’ll discuss:

  • The treat unsecured APIs bring to IoT
  • Real-world API breaches including GPS watches, e-scooters, smart buildings, and cars
  • Ways to mitigate risk with modern API security design best practices 


To the speakers page