2025-02-28 –, Shivneri Room (Chanakya Building / School of Business)
APIs have transformed the automotive and mobility industries, enabling seamless connectivity between vehicles, consumers, and enterprise systems. This innovation has unlocked new revenue streams and data-driven features for automakers. However, it has also introduced significant cybersecurity risks, as API vulnerabilities become a growing target for attackers.
From a lone vehicle hack in 2015 to a staggering 308% rise in API-related attacks by 2024, the story of automotive cyber threats reveals a shocking truth. APIs, now the backbone of connected cars, have become a goldmine for hackers, making API security more critical than ever.(Source: Upstream Reports)
API vulnerabilities in connected cars aren’t just about data leaks—they’re about lives and business integrity. Imagine a hacker accessing a fleet’s real-time location data, manipulating engine diagnostics, or remotely controlling functionalities of the car like opening the doors, honking the horn, flashing the lights . These are not science fiction scenarios; they’ve already happened. Yet, most organizations still treat API security as an afterthought, patching issues instead of addressing systemic flaws.
The session will be divided into three sections, focusing on Connected Cars API and Fleet Management:
Introduction and Importance of API Security (10 minutes)
Understand the role of APIs in connected cars and fleet management.
Learn why securing these APIs is critical for safety, privacy, and business operations.
Real-World Examples (10 minutes)
Explore incidents where insecure APIs led to breaches in connected car systems and fleet management platforms.
Discuss the impact on vehicle safety, data integrity, and fleet operations.
API Security Basics for Connected Cars and Fleet Management (10 minutes)
Identify common attack surfaces in connected vehicle APIs.
Learn how to recognize and address vulnerabilities specific to these systems.
will conclude the session with 5 minutes for Q&A.
Beginner - no experience needed
Veerkumar Patil is a highly experienced Software Testing Professional with a remarkable track record spanning over a decade in the field of Information Technology. He has made significant contributions across diverse sectors such as e-commerce, travel, banking, and telecommunications. Veerkumar's expertise extends to testing complex applications across various technology domains. He is well-versed in Test Automation, utilizing a range of testing frameworks including Selenium, Cypress, and Playwright. His proficiency extends to Continuous Integration and Continuous Deployment (CI/CD) practices, where he has worked with tools such as Azure DevOps, Gitlab, and GitHub Actions. Veerkumar has a solid foundation in API Testing and has excelled in building automation frameworks for API testing using tools like Rest-Assured and Karate. He is also recognized as an open-source contributor for various NPM packages designed to facilitate parallelization of Cypress Testing. Veerkumar's extensive experience includes crafting automation frameworks for testing intricate business applications and processes. Currently, he serves as the Principal Software Quality Engineer at Red Hat, where he plays a pivotal role in testing customer-facing applications for Red Hat's products. Beyond his professional responsibilities, Veerkumar is passionate about sharing his knowledge with the community through his YouTube channel and actively participates in various testing communities, where he presents valuable insights and experiences.