Tag: api
-
How Akamai’s Acquisition of Noname Enhances API Protection
Noname Security CEO Oz Golan on Strengthening API, Web Security Post-Acquisition. Akamai’s $450 million acquisition of No Name Security marks a pivota… First seen on govinfosecurity.com Jump to article: www.govinfosecurity.com/how-akamais-acquisition-noname-enhances-api-protection-a-25955
-
Salt Security Continues to Innovate as Leader in API Security
The API security landscape is changing rapidly, and cybercriminals are becoming increasingly sophisticated. According to the Salt Labs State of API Se… First seen on securityboulevard.com Jump to article: securityboulevard.com/2024/08/salt-security-continues-to-innovate-as-leader-in-api-security/
-
APIs, Web Applications Under Siege as Attack Surface Expands
Attackers are increasingly targeting web applications and APIs, with a nearly 50% year-over-year growth in web attacks, driven by the increased adopti… First seen on securityboulevard.com Jump to article: securityboulevard.com/2024/08/apis-web-applications-under-siege-as-attack-surface-expands/
-
6 Types of Applications Security Testing You Must Know About
While the specifics for security testing vary for applications, web applications, and APIs, a holistic and proactive applications security strategy is… First seen on thehackernews.com Jump to article: thehackernews.com/2024/07/6-types-of-applications-security.html
-
KI-gestützte API-Sicherheit
Qualys stellt eine erweiterte Funktionen für das Web-Application-Scanning (WAS) vor, die fortschrittliche API-Sicherheitsfunktionen auf Basis künstlic… First seen on netzpalaver.de Jump to article: netzpalaver.de/2024/07/28/ki-gestuetzte-api-sicherheit/
-
Attack Detection and Threat Hunting Common Topics We’re Asked About
This article is the fifth in a series of five covering key API security topics and provides some answers to common questions we often get when talking… First seen on securityboulevard.com Jump to article: securityboulevard.com/2024/08/attack-detection-and-threat-hunting-common-topics-were-asked-about/
-
How Recorded Future is operationalising threat intelligence
Recorded Future is investing in APIs to enable automated security workflows, among other measures, to help organisations overcome the hurdles of opera… First seen on computerweekly.com Jump to article: www.computerweekly.com/news/366592076/How-Recorded-Future-is-operationalising-threat-intelligence
-
Deploy API Security On-Premises with New Imperva API Security Anywhere Self-Managed Option
Tags: apiAPI Security Anywhere Self-Managed Option Imperva continues to deliver solutions that help customers protect their applications and APIs, whether in t… First seen on securityboulevard.com Jump to article: securityboulevard.com/2024/07/deploy-api-security-on-premises-with-new-imperva-api-security-anywhere-self-managed-option/
-
Swipe Right for Data Leaks: Dating Apps Expose Location, More
Apps like Tinder, Bumble, Grindr, Badoo, OKCupid, MeetMe, and Hinge all have API vulnerabilities that expose sensitive user data, and six allow a thre… First seen on darkreading.com Jump to article: www.darkreading.com/application-security/swipe-right-for-data-leaks-dating-apps-expose-location-more
-
API Posture Management Common Topics We’re Asked About
Tags: apiThis article is the second in a series of six covering key API security topics and provides some answers to common questions we often get when talking… First seen on securityboulevard.com Jump to article: securityboulevard.com/2024/07/api-posture-management-common-topics-were-asked-about/
-
Sicherheit im digitalen Dschungel Priorisierung von Risiken für Unternehmen
Die Sicherung unserer Datenlandschaft gleicht oft einer Expedition in einen dichten Dschungel. Jede Webseite, jeder API-Endpunkt und jeder Cloud-Servi… First seen on netzpalaver.de Jump to article: netzpalaver.de/2024/07/19/sicherheit-im-digitalen-dschungel-priorisierung-von-risiken-fuer-unternehmen/
-
Another API Security Breach: Life360
It’s not always Logical Another day, another API breach in the news. The latest breach occurred on the Life360 platform where an advisory was… First seen on securityboulevard.com Jump to article: securityboulevard.com/2024/07/another-api-security-breach-life360/
-
USENIX Security ’23 Auditing Framework APIs via Inferred App-side Security Specifications
Authors/Presenters:Parjanya Vyas, Asim Waheed, Yousra Aafer, N. Asokan Many thanks to USENIX for publishing their outstanding USENIX Security ’23 Pres… First seen on securityboulevard.com Jump to article: securityboulevard.com/2024/07/usenix-security-23-auditing-framework-apis-via-inferred-app-side-security-specifications/
-
Infisical: Open-source secret management platform
Infisical is an open-source secret management platform developers use to centralize application configurations and secrets, such as API keys and datab… First seen on helpnetsecurity.com Jump to article: www.helpnetsecurity.com/2024/07/24/infisical-open-source-secret-management-platform/
-
The Future of Appsec is APIs | Impart Security
API security, microservices, decentralized applications, WAF, authentication, authorization, AI, security testing, response and enforcement, WAFs, sec… First seen on securityboulevard.com Jump to article: securityboulevard.com/2024/07/the-future-of-appsec-is-apis-impart-security/
-
How Salt Catches Low and Slow Attacks While Others Can’t
In the ever-evolving landscape of cybersecurity, API attacks pose significant threats to organizations. These attacks, particularly the low and slow v… First seen on securityboulevard.com Jump to article: securityboulevard.com/2024/07/how-salt-catches-low-and-slow-attacks-while-others-cant/
-
Introducing the API Threat Landscape, a new resource for API security researchers
Since 2022, Escape’s security research team has been tracking API-related data breaches. We’ve decided to make our database public, providing detailed… First seen on securityboulevard.com Jump to article: securityboulevard.com/2024/07/introducing-the-api-threat-landscape-a-new-resource-for-api-security-researchers/
-
Misconfigured API exposes over 440K Life360 users’ data
First seen on scmagazine.com Jump to article: www.scmagazine.com/brief/misconfigured-api-exposes-over-440k-life360-users-data
-
Daten- und Benutzertracking bei Telekom per API?
Tags: apiUnschöne Geschichte: Die Deutsche Telekom scheint die Übersicht über ihre APIs etwas verloren zu haben. Lilith Wittmann hat eine Webseite online geste… First seen on borncity.com Jump to article: www.borncity.com/blog/2024/07/14/daten-und-benutzertracking-bei-telekom-per-api/
-
OpenAI Rolls Out Compliance API and Integrations for ChatGPT Enterprise
The tools are being positioned as crucial to help business customers meet requirements for regulations like FINRA, HIPAA, and GDPR. The post OpenAI Ro… First seen on securityweek.com Jump to article: www.securityweek.com/openai-rolls-out-compliance-api-and-integrations-for-chatgpt-enterprise/
-
Over 400,000 Life360 user phone numbers leaked via unsecured API
First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/over-400-000-life360-user-phone-numbers-leaked-via-unsecured-android-api/
-
Overlooked essentials: API security best practices
In this Help Net Security, Ankita Gupta, CEO at Akto, discusses API security best practices, advocating for authentication protocols like OAuth 2.0 an… First seen on helpnetsecurity.com Jump to article: www.helpnetsecurity.com/2024/07/17/ankita-gupta-akto-api-security-best-practices/
-
Cyber Fail: Attack of the Zombie APIs!
Also: Election Security Dysfunction; the Legacy of Government-Backed Spyware. Welcome to Cyber Fail, where our experts uncover fails so we can all str… First seen on govinfosecurity.com Jump to article: www.govinfosecurity.com/cyber-fail-attack-zombie-apis-a-25801
-
Hacker Leaks Data of More Than 15 Million Trello Users
A hacker who calls themselves emo says they accessed the information of 15 million Trello users in January through an unsecured REST API endpoint and … First seen on securityboulevard.com Jump to article: securityboulevard.com/2024/07/hacker-leaks-data-of-more-than-15-million-trello-users/
-
Fuzzing JSON to find API security flaws
First seen on securityboulevard.com Jump to article: securityboulevard.com/2024/07/fuzzing-json-to-find-api-security-flaws/
-
Cequence Integration with F5 High Speed Logging (HSL) Enhances API Security Visibility
Tags: apiCequence integrates with F5’s High Speed Logging (HSL) solution, providing another zero-latency passive deployment option. This integration enables Ce… First seen on securityboulevard.com Jump to article: securityboulevard.com/2024/07/cequence-integration-with-f5-high-speed-logging-hsl-enhances-api-security-visibility/
-
API Transformation Cyber Risks and Survival Tactics
As you think about how to ensure your APIs are within your risk tolerance, ensure that you have a sound understanding of your inventory and the data a… First seen on securityboulevard.com Jump to article: securityboulevard.com/2024/07/api-transformation-cyber-risks-and-survival-tactics/
-
Apple Geolocation API Exposes Wi-Fi Access Points Worldwide
First seen on darkreading.com Jump to article: www.darkreading.com/endpoint-security/apple-geolocation-api-exposes-wi-fi-access-points-worldwide
-
API Access Control: Optimizing your API Security
In the digital transformation era, APIs have become the glue that holds modern tech stacks together. APIs are critical for enabling seamless communica… First seen on securityboulevard.com Jump to article: securityboulevard.com/2024/07/api-access-control-optimizing-your-api-security/
-
33 Millionen Rufnummern: Hacker erbeuten Daten von beliebter Authenticator-App
Abgeflossen sind die Daten über einen ungeschützten API-Endpunkt von Twilio. Die Rufnummern der betroffenen Authy-Nutzer sind bereits in einem Hackerf… First seen on golem.de Jump to article: www.golem.de/news/33-millionen-rufnummern-hacker-erbeuten-daten-von-beliebter-authenticator-app-2407-186725.html