Collaborate Disseminate
Of the 239 vulnerabilities, 33% (79 out of 239) were associated with authentication, authorization and access control (AAA) — foundational pillars of API security, according to Wallarm. Prioritizing AAA principles Open authentication (OAuth), single-si… Continue reading The new imperative in API security strategy
The security performance of financial applications generally outperforms other industries, with automation, targeted security training, and scanning via Application Programming Interface (API) contributing to a year-over-year reduction in the percentag… Continue reading Financial organizations embrace automation for enhanced security
While APIs are essential to many operations and used extensively, a lack of prioritization and understanding is leading us towards a growing API security crisis, according to a report by Traceable AI and Ponemon Institute. The urgency for API security … Continue reading Elevating API security to reinforce cyber defense
The OWASP Foundation’s Top Ten lists have helped defenders focus their efforts with respect to specific technologies and the OWASP API (Application Programming Interface) Security Top 10 2023 is no exception. First drafted five years ago and updated th… Continue reading Is the new OWASP API Top 10 helpful to defenders?
In this Help Net Security video, Andy Hornegold, Product Lead at Intruder, dives into API security and explores how several recent high-profile breaches were caused by simple failings – which didn’t require sophisticated security to prevent. The number… Continue reading Understanding how attackers exploit APIs is more important than ever
The proliferation of APIs has marked them as prime targets for malicious attackers. With recent reports indicating that API vulnerabilities are costing businesses billions of dollars annually, it’s no wonder they are at the top of mind of many cyber se… Continue reading How to handle API sprawl and the security threat it poses
Phishing, misconfigurations and missing patches are top concerns among security leaders, but they also say their organizations are letting observability tools gather rust. Continue reading Akamai Survey: API-Specific Controls are Lacking
As more organizations rely on the automation and scale that web applications and connected services provide, application programming interface (API) security has become imperative. In just the last year alone, unique attackers targeting customer APIs grew by 400%, proving that organizations must take a proactive approach to secure these increasingly valuable services. But considering the […]
The post The top 10 API security risks OWASP list for 2023 appeared first on Security Intelligence.
Continue reading The top 10 API security risks OWASP list for 2023
As more companies recognize APIs as the building blocks of modern software, API tools and services are evolving to meet their needs, according to Postman. Adopting an API-first approach “More companies are adopting an API-first approach to software dev… Continue reading API tools and services are fueling revenue growth
IT teams are struggling to monitor and enforce BYOD (Bring Your Own Device) policies during summer months when more employees are often traveling or working remotely, according to ThreatX. With more endpoints and applications in use, and often personal… Continue reading Employees worry less about cybersecurity best practices in the summer