Collaborate Disseminate
The OWASP Foundation’s Top Ten lists have helped defenders focus their efforts with respect to specific technologies and the OWASP API (Application Programming Interface) Security Top 10 2023 is no exception. First drafted five years ago and updated th… Continue reading Is the new OWASP API Top 10 helpful to defenders?
In this Help Net Security video, Andy Hornegold, Product Lead at Intruder, dives into API security and explores how several recent high-profile breaches were caused by simple failings – which didn’t require sophisticated security to prevent. The number… Continue reading Understanding how attackers exploit APIs is more important than ever
The proliferation of APIs has marked them as prime targets for malicious attackers. With recent reports indicating that API vulnerabilities are costing businesses billions of dollars annually, it’s no wonder they are at the top of mind of many cyber se… Continue reading How to handle API sprawl and the security threat it poses
Phishing, misconfigurations and missing patches are top concerns among security leaders, but they also say their organizations are letting observability tools gather rust. Continue reading Akamai Survey: API-Specific Controls are Lacking
As more organizations rely on the automation and scale that web applications and connected services provide, application programming interface (API) security has become imperative. In just the last year alone, unique attackers targeting customer APIs grew by 400%, proving that organizations must take a proactive approach to secure these increasingly valuable services. But considering the […]
The post The top 10 API security risks OWASP list for 2023 appeared first on Security Intelligence.
Continue reading The top 10 API security risks OWASP list for 2023
As more companies recognize APIs as the building blocks of modern software, API tools and services are evolving to meet their needs, according to Postman. Adopting an API-first approach “More companies are adopting an API-first approach to software dev… Continue reading API tools and services are fueling revenue growth
IT teams are struggling to monitor and enforce BYOD (Bring Your Own Device) policies during summer months when more employees are often traveling or working remotely, according to ThreatX. With more endpoints and applications in use, and often personal… Continue reading Employees worry less about cybersecurity best practices in the summer
API calls make up the majority of our digital lives. Take, for example, the everyday use of a cloud-based food delivery app, which could involve up to 25 API calls. Between the order being placed, transmission to the restaurant, the coordination of del… Continue reading The root causes of API incidents and data breaches
While API security remains a top cybersecurity concern this year, there is still an alarming lack of implementation for most companies, according to Traceable AI. Companies overlook API security Companies are struggling with unchecked API sprawl, lack … Continue reading The fragmented nature of API security ownership
The second half of 2022 marked a significant turning point in the security landscape. In several high-profile incidents, application programming interfaces (APIs) emerged as a primary attack vector, posing a new and significant threat to organizations’… Continue reading Attack automation becomes a prevalent threat against APIs