Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

salt security

Edge Security Is Not Enough: Why Agentic AI Moves the Risk Inside Your APIs

Dec 30, 2025 By Eric Schwake In Salt Security
For the last twenty years, cybersecurity has been built around the edge: the belief that threats come from the outside, and that firewalls, WAFs, and API gateways can inspect and control what enters the environment. That model worked when applications were centralized, traffic was predictable, and most interactions followed a clear pattern: a user in a browser talking to an app inside a data center. Agentic AI breaks that model.
Read Post
miniorange

Authenticate Users in Joomla Using the REST API: A Practical Guide for Developers

Dec 30, 2025 By Identity & Access Management (IAM) In miniOrange
Modern Joomla applications are no longer limited to traditional website workflows. Today, Joomla powers mobile apps, headless frontends, third-party integrations, and backend services that rely heavily on REST APIs. In all these cases, secure API authentication becomes a foundational requirement.
Read Post
appknox

Ensuring API Testing Meets Compliance: Policies, Performance, and Proof

Dec 23, 2025 By Rucha Wele In Appknox
APIs sit at the center of modern applications. They move data between systems, power mobile apps, and enable integrations at scale. Naturally, they are also a focal point for regulators, auditors, and attackers. Most organizations today do test their APIs. Yet many still struggle during audits. Not because testing didn’t happen, but because it wasn’t consistent, governed, or provable. Compliance frameworks don’t ask whether you ran an API scan.
Read Post

Bots vs. Barcodes: The Resource Quota Failure. #ticketmaster #bla #ratelimiting #businesslogic

Dec 23, 2025 By Wallarm In Wallarm
The infamous Ticketmaster case highlights BLA 1: Resource Quota Violation. Attackers used bots for mass purchasing and employed ingenious evasion: they reverse-engineered the barcoding logic to rotate and authenticate tokens, bypassing security controls. The core failure? Flawed rate limiting and business logic expiration. You must protect your inventory and your purchasing flows as if they were financial assets.
View Video

Protecting the Language of AI: Why API Security is No Longer Optional

Dec 23, 2025 By A10 Networks In A10 Networks
Protecting the Language of AI: Why API Security is No Longer Optional As AI continues to reshape the digital landscape, APIs have become the "language" of innovation—but they've also become a massive target for attackers. In this clip from the A10 Networks webinar, "APIs are the Language of AI: Protecting Them is Critical," security experts Jamison Utter and Carlo Alpuerto discuss the complexities of modern API security.
View Video

Asymmetric Data: The New Challenge for API Security

Dec 22, 2025 By A10 Networks In A10 Networks
Asymmetric Data: The New Challenge for API Security In this A10 Networks video, "APIs are the Language of AI: Protecting Them is Critical," security experts Jamison Utter and Carlo Alpuerto discuss the unique challenges of securing AI-driven data exchanges. Unlike traditional API interactions—where a request for a video clearly results in a video—AI interactions are defined by a "phenomenal" level of asymmetry. A tiny text request can trigger a massive, unpredictable response, making traditional security prediction models nearly obsolete.
View Video
How to Deliver Personalized Content Using IP Geolocation API

How to Deliver Personalized Content Using IP Geolocation API

Dec 22, 2025 By SecuritySenses In SecuritySenses
An intuitive grasp of customer needs is one of the most garish and trendy components of marketing excellence. Forward-thinking companies are proactively integrating next-gen platforms and tools. A prominent example of this trend is the adoption of IP geolocation services-a logical choice given today's market demands. McKinsey studies show that more than 70% of users are deterred by non-personalized content, which makes them feel frustrated. With a Geo API, you'll build a harmonious and credible connection with your audience through giving them context-aware content exactly when it matters most.
Read Post
wallarm

CISO Spotlight: Lefteris Tzelepis on Leadership, Strategy, and the Modern Security Mandate

Dec 19, 2025 By Wallarm In Wallarm
Lefteris Tzelepis, CISO at Steelmet /Viohalco Companies, was shaped by cybersecurity. From his early exposure to real-world attacks at the Greek Ministry of Defense to building and leading security programs inside complex enterprises, his career mirrors the evolution of the CISO role itself. Now a group CISO overseeing security across multiple organizations, Lefteris brings a practitioner’s mindset to leadership and incident response.
Read Post

Copyright © 2026 OpsMatters™. All rights reserved.