Application security, Managed services

Using Rate Limiting to Protect Web Apps and APIs – Jack Zarris – ASW #108

Rate limiting can be used to protect against a number of modern web application and API attacks. We’ll discuss some of those attacks, including Object ID enumeration, in detail, will demo an attack and will show how using rate limiting in our solution can protect against these attacks.

To learn more about Signal Sciences, visit:

Sponsored By

Signal Sciences
Full episode and show notes


  • Join us at InfoSecWorld 2020 - June 22nd-24th now a fully virtual event! Security Weekly listeners save 15% off the InfoSec World Main Conference or World Pass! Visit, click the register button to register with our discount code!

  • Don't miss any of your favorite Security Weekly content! Visit to subscribe to any of our podcast feeds and have all new episodes downloaded right to your phone! You can also join our mailing list, Discord server, and follow us on social media & our streaming platforms!

  • Don't forget to check out our library of on-demand webcasts & technical trainings at


Zack Zarris
Zack Zarris
Senior Sales Engineer at Signal Sciences

Jack Zarris is a Senior Sales Engineer with Signal Sciences. He has over 20 years of experience in the security industry, with focuses on web application and database security for on-prem and cloud hosted apps, product management, load balancing, and mobile device management and security.


Mike Shema
Mike Shema
Security Partner at Square
John Kinsella
John Kinsella
Co-founder & CTO at Cysense
Matt Alderman
Matt Alderman
VP, Product at Living Security
prestitial ad