Collaborate Disseminate
In this Help Net Security, Ankita Gupta, CEO at Akto, discusses API security best practices, advocating for authentication protocols like OAuth 2.0 and OpenID Connect, strict HTTPS encryption, and the use of JWTs for stateless authentication. Gupta rec… Continue reading Overlooked essentials: API security best practices
Do you use Authy for your multi-factor authentication needs? If you do, you should keep an eye out for phishing attempts, as well as implement defenses against SIM swapping attacks. What happened? On July 1, Twilio – the company that develops the… Continue reading Using Authy? Beware of impending phishing attempts
Modern applications are taking over enterprise portfolios, with apps classed as modern now making up 51% of the total, up by more than a quarter in the last year, according to F5. According to the 2024 edition of F5’s State of Application Strategy Repo… Continue reading Security challenges mount as as companies handle thousands of APIs
In this Help Net Security video, Adam LaGreca, Founder of 10KMedia, sat down with John Leon, VP of Partnerships at Apiiro, discusses the company’s new technology partner program SHINE. The name stands for the program’s guiding principles – … Continue reading A closer look at Apiiro’s SHINE partner program
Damn Vulnerable RESTaurant is an open-source project that allows developers to learn to identify and fix security vulnerabilities in their code through an interactive game. “I wanted to create a generic playground for ethical hackers, developers,… Continue reading Damn Vulnerable RESTaurant: Open-source API service designed for learning
Despite the critical role of APIs, the vast majority of commercial decision-makers are ignoring the burgeoning security risk for businesses, according to Fastly. Application Programming Interfaces (APIs) have long been recognised as a bedrock of the di… Continue reading 95% of companies face API security problems
A total of 29% of web attacks targeted APIs over 12 months (January through December 2023), indicating that APIs are a focus area for cybercriminals, according to Akamai. API integration amplifies risk exposure for enterprises APIs are at the heart of … Continue reading API environments becoming hotspots for exploitation
API integrations often handle sensitive data, such as employees’ personally identifiable information (PII), companies’ financial information, or even clients’ payment card data. Keeping this data safe from attackers—while ensuring that the integrations… Continue reading 5 ways to keep API integrations secure
As development environments grow more complex, applications increasingly communicate with many external services. When a software development project communicates with an external service, it utilizes a token or “secret” for authentication…. Continue reading Using AI to reduce false positives in secrets scanners
In 2024, API requests accounted for 57% of dynamic internet traffic around the globe, according to the Cloudflare 2024 API Security & Management Report, confirming that APIs are a crucial component of modern software development. But with their in… Continue reading The importance of a good API security strategy