The emergence of trinity attacks on APIs

When it comes to attacks against application programming interfaces (APIs), the building blocks that provide access to many of our applications, the OWASP API Top Ten is seen as definitive – and rightly so. Compiled in 2019 based on a risk analysis con…

Enterprises remain vulnerable through compromised API secrets

Cybersecurity professionals are frustrated over how much time and attention they must devote to API security and worried that their defenses still need to be improved, according to Corsha. Researchers recently surveyed over 400 security and engineering…

APIs are placing your enterprise at risk

At a surface level, APIs help businesses to connect applications and share data with one another. This creates an easier, more seamless experience for customers and users. If you have ever used your Google account to log into multiple sites or apps, ch…

68% of IT leaders are worried about API sprawl

Axway announced new data from its inaugural 2022 Open Everything Strategy Survey Report, which found that nearly 40% of organizations are in the process of adopting a new hybrid approach for their IT infrastructure. The transformation comes as 68% of r…

Three security design principles for public REST APIs

In this Help Net Security video, Dr. Pedram Hayati, Founder of SecDim, offers a technical write-up based on a secure programming challenge. The task was inspired by a major security breach that happened to a telco in Australia and offers lessons learne…

APIs are quickly becoming the most popular attack vector

In this Help Net Security video, Shay Levi, CTO at Noname Security, discusses the findings from a recent API security report, which reveals a growing number of API security incidents, a concerning lack of API visibility, and a level of misplaced confid…

API authentication failures demonstrate the need for zero trust

The use of application programming interfaces (APIs) has exploded as businesses deploy mobile apps, containers, serverless computing, microservices, and expand their cloud presence. Consequently, many APIs are developed and deployed very quickly, leadi…

The holy trifecta for developing a secure API

It’s hard to write good API specifications, and since most API gateways use them as IAC, they should be carefully checked for common mistakes. Writing an API that sticks to the original design is extremely difficult, and it must be validated beca…