Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

API

synopsys

Secure cloud-native apps and APIs at the speed your business demands

Oct 30, 2023 By Kimm Yeo In Synopsys
The cloud-native development model entered the mainstream in recent years, with technologies such as microservices and serverless computing, containers, APIs, and infrastructure-as-code (IaC) at the forefront of this trend. Thanks to these emerging technologies, organizations can build and run their apps fast, in a distributed manner, and without reliance on physical hardware infrastructures.
Read Post
securitysenses

Harnessing the Magic of API: Turbocharging Business Automation

Oct 27, 2023 By SecuritySenses In SecuritySenses
In the bustling metropolis of the modern digital realm, there's a quiet revolution taking place. Businesses, from local startups to multinational corporations, are embracing an unseen hero that propels them to new heights: the Latenode API. But what is this mysterious force, and why is it setting the business world alight?
Read Post
bearer

Announcing beta support for PHP, alpha for Go and Python

Oct 26, 2023 By Guillaume Montard In Bearer

PHP holds the bar as one of the most popular and sought-after technologies for web development. As W3Techs shows, PHP code is running on 76.8% of all websites around the globe. We are very excited to announce that the latest version of Bearer now supports PHP in Beta, with more than 50 rules already available, providing a good level of security risks and vulnerabilities coverage. For the PHP support in this release, we have included a strong focus on the popular Symfony framework.

Read Post
tripwire

The growth of APIs attracts Cybercrime: How to prepare against cyber attacks

Oct 24, 2023 By Josh Breaker-Rolfe In Tripwire

Application Programming Interfaces (APIs) have profoundly transformed the internet's fabric. In the pre-API era, digital interactions were limited by siloed systems functioning in isolation. APIs dismantled these barriers by introducing a universal language that diverse applications could comprehend. This linguistic bridge facilitated an unprecedented level of interconnectivity between software entities.

Read Post
salt security

Oh-Auth - Abusing OAuth to take over millions of accounts

Oct 24, 2023 By Aviad Carmel In Salt Security
OAuth (Open Authorization) is one of the fastest adopted technologies in the AppSec domain. From its first introduction in 2006, as an attempt to introduce a standard authorization protocol, it has become one of the most popular protocols for both user authorization and authentication, and it’s being used by almost every major web service and website today. One of the reasons for its huge popularity is its ease of implementation.
Read Post

OAuth security gaps at Grammarly (now remediated)

Oct 24, 2023 By Salt Security In Salt Security
This short video explains how Salt Labs researchers identified several critical security flaws on the popular site - Grammarly. The flaws were found in the site's authentication functionality and could have allowed a malicious attacker to take over user accounts, access profile information, and take actions on behalf of the user. All issues were reported to Grammarly and have been resolved with no evidence of these flaws being actively exploited in the wild. In the research, they also found similar vulnerabilities in Vidio.com and Bukalapak.com.
View Video
noname security

2023 API Security Trends for Manufacturing

Oct 17, 2023 By Dan Murphy In Noname Security

Manufacturing is an industry in flux. The sector has been acutely affected by inflation, supply chain challenges and labor shortages in recent years, while also grappling with rapid developments in technology. It is no stretch to state that a manufacturer’s ability to leverage technology is a key determinant in its success and failure – now and into the future.

Read Post
wallarm

Elevating Enterprise API Security with Wallarm for MuleSoft Anypoint Platform

Oct 17, 2023 By Wallarm In Wallarm

In an age characterized by digital transformation, APIs serve as the backbone of modern applications, enabling diverse systems to communicate and share data seamlessly. This widespread API adoption, however, exposes organizations to a considerable attack surface, inviting the attention of cyber adversaries searching for vulnerabilities to exploit.

Read Post
noname security

Noname Leads the Way for API Security in the Federal ZT Journey

Oct 16, 2023 By Dean Phillips In Noname Security

Over 18 months ago, a small group of us started a program to support the US federal government and the broader public sector with robust API security. Recognizing the major shifts in government cyber security, we focused on Zero Trust early. We wrote about it, talked about it, and evangelized on the importance of including API security in a ZT architecture. An early achievement was a detailed mapping of API security to the pillars of ZT over a year ago.

Read Post
wallarm

2023 OWASP Top-10 Series: Wrap Up

Oct 14, 2023 By Wallarm In Wallarm

Over the past several months, we've taken a journey through the new 2023 OWASP API Security Top-10 list. In the previous 12 weekly posts, we've delved into each category, discussed what it is, how it's exploited, why it matters, and suggested effective protections for each. Now, as we conclude this series, it's time to summarize and offer some practical guidance for security practitioners looking to bolster API security in their organizations.

Read Post
Subscribe to API

Copyright © 2024 OpsMatters™. All rights reserved.