Security | Threat Detection | Cyberattacks | DevSecOps | Compliance



2023 OWASP Top-10 Series: API9:2023 Improper Inventory Management

Welcome to the 10th post in our weekly series on the new 2023 OWASP API Security Top-10 list, with a particular focus on security practitioners. This post will focus on API9:2023 Improper Inventory Management. In this series we are taking an in-depth look at each category – the details, the impact and what you can do about it.


Mockbin and the Art of Deception: Tracing Adversaries, Going Headless and Mocking APIs

On September 4, 2023, CERT-UA revealed a meticulously planned cyberattack targeting Ukraine's critical energy infrastructure. The attack's modus operandi was distinct; it utilized deceptive emails containing bait links, luring victims into downloading a seemingly innocuous ZIP archive. This archive, however, harbored malicious files designed to hijack the victim's computer, redirecting data flows and exfiltrating sensitive information using services like and

noname security

Noname Security and Intel Trust Authority: Building Trust Through Confidential Computing

Intel’s Trust Authority is a new service that provides remote verification of the trustworthiness of a compute asset, based on attestation (cryptographic verification) and policy (a legitimate workload). This is a significant development for confidential computing, as it provides a way for organizations to independently verify the security of their workloads. Noname Security is excited to be a partner in the Intel Trust Authority program.


How to Secure a REST API

Sitting at your desk, coding away with another cup of your favorite caffeine-infused beverage, you might be thinking to yourself, “it’s true what they say about no rest for the weary.” If you’re developing an app or architecting a cloud-native system, you can actually get the REST you need with the right Application Programming Interface (API). REST APIs provide a scalable, flexible, easy-to-use interface that makes developing and connecting web apps easier.

Wallarm AI Engine: How It Works

The main task of the run-time application security is to protect modern applications and APIs. In this endeavor the solutions face a number of challenges: Download this whitepaper to learn how Wallarm solves the difficult task of effective application security by relying on AI and machine learning including a unique combination of hierarchical clusterization, statistical n-gram based models, recurrent neural networks and reinforcement learning.

Evolution of Real Time Attack Detection

Attack detection is critical for most security solutions, whether we are talking about a load balancer-based (NIDS, WAF), host-based or in-application solutions (HIDS, RASP). Interestingly, regardless of the differences in architecture and data flow, most solutions use similar detection principles and techniques. We will explore how the detection architecture evolved over time and how the new generation of detection logic, such as the architecture implemented by Wallarm, is principally different from that of the legacy solutions.
noname security

Finding API Flaws Before Production

API flaws can cause several problems that can have negative consequences in production. These issues can range from security vulnerabilities, poor performance, and functionality errors. But most importantly, API flaws can lead to data breaches, system downtime, and damage to your company’s reputation. Therefore, it’s essential to thoroughly test and monitor APIs to detect and fix any flaws before they cause significant harm.

How Do API Key Codes and Fragments Work? Explained in Detail

In the realm of web development and software integration, APIs (Application Programming Interfaces) play a crucial role in facilitating communication between different systems and applications. To ensure secure and controlled access to APIs, many providers require the use of API key codes and fragments. In this blog post, we will explore how do API key codes and fragments, exploring their purpose, functionality, and best practices for implementation.
salt security

Strengthening our CrowdStrike Bond with Falcon Integration

It’s been just about a year since we first announced our partnership with CrowdStrike. We are delighted to share today that we’ve further strengthened that partnership with the new “better-together” story of Salt and the CrowdStrike Falcon® platform.