API authentication is a combination of technology and process that proves or verifies the identities of users who want access to an API. Specifically, API authentication involves the use of a software protocol to verify that users are who they claim to be when a client makes an API call. API authentication solutions are usually set up to block access to an API if they detect something wrong with the user’s identity during the API call. It’s online verification of ID, a gatekeeping countermeasure that defends APIs from access by malicious actors. Remember, too, that in many cases, the API user is a machine, not a person.

In this webinar, Netskope Chief Platform Officer, Joe DePalo, wades through the marketing hype, false claims and outdated approaches that cripple many clouds. Designed specifically for networking, infrastructure and operations leaders, Joe shares the most critical questions to ask your cloud providers. This webinar is particularly timely considering the shift to SASE and the convergence of security and networking.

Grab a cup of coffee and join Mick Baccio, Ryan Kovar, and Audra Streetman for a spooky Halloween edition of Coffee Talk with SURGe. The team from Splunk will discuss the latest security news, including: Mick and Ryan also competed in a charity challenge benefitting World Central Kitchen to share the lessons learned from Cybersecurity Awareness Month.

This webinar is a deep dive into Teleport’s new Audit Log capability, dashboard, and refreshed unified resource UI. Teleport 14 introduces a new audit log backend that provides unrivaled visibility into all activity on a cluster. Allow teams to translate infrastructure audits into faster insights and actions, thus helping them make informed access decisions, support downstream SIEMs, and log consolidation tools.

API abuse, like most forms of hacking, involves making APIs do things they were not intended to do. When a developer creates an API, it will have a legitimate purpose, such as enabling API clients with proper permission to invoke the API to receive the data it represents. Pretty much any other use of that API could be considered abuse.

People search sites, also known as people finder sites, collect, publish and sell your personal info. They gather data from public records, social media and even purchase it from data brokers. Removing your info from these sites protects you from targeted cyberattacks.

Don’t get tricked by a phishing attack this spooky season. Follow these 4 expert tips to keep your online experience a treat.

How does it feel to find your first bug? What makes a good bug hunter? We get into all that and more with bug bounty hunter and face by the InsiderPhD YouTube channel, Katie Paxton-Fear. We also unpack the recent 23andMe data leak in Watchtower Weekly and share some fun and festive family-themed 1Password tricks in Did You Know?! 👨‍👩‍👧‍👦🎄 🏰 Watchtower Weekly 🎙 Guest Interview – Katie Paxton-Fear.

The CrowdStrike Falcon platform achieved 100% protection, 100% visibility and 100% analytic detection across all steps in the MITRE Engenuity ATT&CK Evaluations: Enterprise. During the evaluation, the CrowdStrike platform shut down advanced attacks by leveraging innovative capabilities including memory scanning, machine learning, industry-leading XDR, identity protection, and sandboxing, all delivered through a unified cloud-native platform.

This week on the podcast, we review a thorough unmasking of Octa Tempest, the threat actor beind the MGM and Caesars Entertainment attacks in September. Before that, we give an update on the Cisco IOS XE vulnerability that head to an implant installed on thousands of exposed devices. We round out the episode with an analysis of CitrixBleed, an information disclosure vulnerability in Citrix NetScaler that was just patched last week.