Why XSS is still an XXL issue in 2021

Cross-site scripting (XSS) attacks take advantage of coding flaws in the way websites or web applications generate input from users. Despite their longstanding reputation as a significant infosec problem, XSS attacks have remained a constant of the OWA…

Guest Blog: Alissa Knight on ‘Playing with FHIR’

We are delighted to be hosting some unique content from our friend and recovering hacker Alissa Knight. This is the third blog in a series about the security risks exposed by the push to adopt FHIR APIs in US healthcare.

Gaining Insights Is Fundamental for API Security

As enterprises continue their digital transformation journey in this Post-COVID era, applications are the engine that drives their business growth. Whether it’s a digital-first enterprise or one that is accelerating its digital transformation initiativ…

Salt Security lands $70M for tech to protect APIs from malicious abuse

APIs make the world go round in tech, but that also makes them a very key target for bad actors: as doorways into huge data troves and services, malicious hackers spent a lot of time looking for ways to pick their locks or just force them open when they’re closed, in order to access that […]

A leadership guide for mitigating security risks with low code platforms

The low code market continues to grow, increasingly finding adoption for more diverse and serious applications among enterprises and independent software vendors (ISVs). The lingering question of application code security follows, as stories of securit…

Top application security challenges: Bad bots, broken APIs, and supply chain attacks

Vanson Bourne surveyed 750 application security decision makers responsible for their organization’s application development and security to get their perspectives on data breaches, top application security vulnerabilities, and the most important produ…

Guest Blog: Alissa Knight on ‘FHIR Walker: Authentication and Authorization in FHIR APIs’

We are delighted to be hosting some unique content from our friend and recovering hacker Alissa Knight who will be writing on the topic of healthcare API security. In the first article, Alissa provided a plain English explanation of FHIR from the …

Imperva® Opens the first dedicated DDoS scrubbing center in Santiago, Chile

Imperva is excited to be further expanding our presence in Latin America by launching a new Point of Presence (PoP) in Santiago, Chile, in partnership with leading Chilean Telecommunications provider Entel Corporations. Located within Entel’s gold-stan…

API Keys Can Be Phished Too

We are all very aware of the issues around phishing of user credentials. But it is not only users that can be phished, apps can be too. In previous blogs we’ve shown you how you can make a MITM attack against an app….

API Security Need to Know: Lessons Learned From the Peloton Security Incident

By now most have heard about the Peloton data breach incident and no doubt the security team at Peloton is working long, hard hours to pull themselves out of this horrible situation. The damage is done but there are lessons we can, and should, learn fr…