OAuth is an important part of modern authorization frameworks, granting access to resources across different applications easily. However, vulnerabilities in OAuth implementations can create significant security risks. Following research released by Salt labs that uncovered critical vulnerabilities in the world's most popular authorization mechanism, Salt has released a multi-layered protection package to detect attempts to exploit OAuth and proactively fix the vulnerabilities.

Complying with data protection regulations isn’t easy, but it has traditionally involved dealing with familiar risks. For example, do your IT admins have the right amount of access to systems touching sensitive information? Review, remediate, report, and repeat. Compliance has been cumbersome, but workable. The problem is, today’s attack surface is nowhere near workable. And it’s evolving to include threats that most compliance programs aren’t yet accounting for.

Wallarm introduced its ongoing Open Source API Firewall project to the world at the recently concluded Blackhat Asia 2024 conference in Singapore. The open-source API Firewall by Wallarm is a free, lightweight API Firewall designed to protect REST and GraphQL API endpoints across cloud-native environments using API schema validation. By relying on a positive security model, our API Firewall only allows calls that match a predefined API specification while rejecting everything else.

In large-scale SD-WAN deployments, both enterprises and Managed Security Service Providers (MSSPs) place a high priority on ensuring that SD-WAN CPEs seamlessly integrate with the nearest Netskope NewEdge Network Point of Presence (PoP). Automating this integration process is crucial as it not only saves considerable time but also boosts business agility.

On Friday April 12, Palo Alto disclosed that some versions of PAN-OS are not only vulnerable to remote code execution, but that the vulnerability has been actively exploited to install backdoors on Palo Alto firewalls. A patch is expected to be available on April 14th. The advisory from Palo Alto is here. Palo Alto has marked this vulnerability as critical and NVD has scored it a 10.0 with CVSSv3. Wallarm currently detects attacks against this vulnerability with no additional configuration required.

Simply put, APIs (short for application programming interface) are how machines, cloud workloads, automation and other non-human entities communicate with one another. They also represent an access point to highly sensitive company data and services. Almost every organization uses these machine interfaces, and their usage is only growing because they are essential to digital transformation and automation initiatives.

APIs (Application Programming Interfaces) have become the backbone of many modern applications, and indeed the foundation of some businesses services. APIs enable seamless communication between applications, services and systems, allowing organisations to innovate, collaborate and deliver value to their customers. However, as reliance on APIs grows, so does the need for robust security measures to protect these critical digital assets from potential threats.

APIs (Application Programming Interfaces) have proliferated widely, which increases their susceptibility to various vulnerabilities. In the realm of web applications, prime examples that stand out are SOAP (Simple Object Access Protocol) and Representational State Transfer (REST) APIs. Due to their inherent complexity and the dynamic nature of software ecosystems, common vulnerabilities include inadequate authentication mechanisms and injection attacks such as SQL injection or cross-site scripting (XSS).