Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

salt security

The Agentic Era is Here: Announcing the 4th Edition of AI & API Security For Dummies

Dec 18, 2025 By Eric Schwake In Salt Security
If you look at the headlines, the story is about Artificial Intelligence. But if you look at the architecture, the story is about APIs. The reality of modern tech is simple: You can’t have AI security without API security. As we move rapidly from simple chatbots to autonomous agents, the way we secure our infrastructure must evolve. That is why we are thrilled to announce the release of the 4th Edition of AI & API Security For Dummies, Salt Security Special Edition.
Read Post
datadog

From discovery to defense: Securing APIs with Datadog App and API Protection

Dec 18, 2025 By Margherita Donnici In Datadog
APIs now sit at the center of almost every digital product, from mobile apps and SaaS platforms to embedded services. As organizations scale, the number of endpoints grows quickly, as does the attack surface. Unmonitored or misconfigured APIs have already led to major incidents across industries, including data exposure, broken authentication, and large-scale account takeover.
Read Post

The Easiest Way to Get Hacked: Open Introspection. #graphql #businesslogic #apisecurity #rbi

Dec 18, 2025 By Wallarm In Wallarm
The RBI incident (Burger King, Tim Hortons) proves that BLA often results from a cascade of simple flaws, not one complex attack. The key mistake: GraphQL Introspection was enabled. This gave the attacker the full API blueprint - the map needed to find the open registration validation flaw and execute a massive data leak. Action Item: If you have GraphQL, check your production settings now. Disable Introspection. Don't hand the attacker the map to your castle!
View Video

Agentic Era: The Myths and Realities of It All

Dec 18, 2025 By Salt Security In Salt Security
After four sessions covering the technical realities, business imperatives, and security challenges of agentic AI, Salt Security’s Co-Founder and CEO Roey Eliyahu, and Salt's CMO Michael Callahan, come together for an unfiltered conversation about where the industry actually stands and where it's headed. The gap between AI ambition and operational readiness has never been wider.
View Video
salt security

The 12 Months of Innovation: How Salt Security Helped Rewrite API & AI Security in 2025

Dec 17, 2025 By Eric Schwake In Salt Security
As holiday lights go up and inboxes fill with year-in-review emails, it’s tempting to look back on 2025 as “the year of AI.” But for security teams, it was something more specific – the year APIs, AI agents, and MCP servers collided across the API fabric, expanding the attack surface faster than most organizations could keep up. At Salt Security, we spent 2025 focused on one thing: defending the API action layer where AI, applications, and data intersect.
Read Post
link11

Link11 Identifies Five Cybersecurity Trends Set to Shape European Defense Strategies in 2026

Dec 16, 2025 By Link11
Link11 releases new insights outlining five key cybersecurity developments expected to influence how organizations across Europe prepare for and respond to threats in 2026. The findings are based on analysis of current threat activity, industry research, and insights from the Link11 European Cyber Report, alongside broader market indicators such as PwC's Global Digital Trust Insights 2026.
Read Post
salt security

Securing the AI Frontier: How API Posture Governance Enables NIST AI RMF Compliance

Dec 16, 2025 By Eric Schwake In Salt Security
As organizations accelerate the adoption of Artificial Intelligence, from deploying Large Language Models (LLMs) to integrating autonomous agents and Model Context Protocol (MCP) servers, risk management has transitioned from a theoretical exercise to a critical business imperative. The NIST AI Risk Management Framework (AI RMF 1.0) has emerged as the standard for managing these risks, offering a structured approach to designing, developing, and deploying trustworthy AI systems.
Read Post

If You Can't Block It, You Don't Secure It. #mitigation #cyberdefense #apisecurity #blocking

Dec 16, 2025 By Wallarm In Wallarm
Detection is information; Blocking is mitigation. For Business Logic Abuse, simple detection alerts are not enough. Your tools must be able to actively block those manipulative, stateful attacks in real-time. Furthermore: Stop "one-and-done" security testing! You must continuously tune your testing by adopting an adversary's perspective. Tune your defense as constantly as attackers tune their exploits.
View Video

AppTrana AppSec Platform | AI-powered All-in-One Web and API Security Platform

Dec 16, 2025 By Indusface In Indusface
About Indusface: Indusface is a leading application security SaaS company, securing over 6,500 customers across 95 countries with its award-winning platform. Backed by leading institutional investors, Indusface is a category leader in cloud WAAP, with repeated recognition from top analysts and industry platforms including Gartner, Forrester, GigaOm, and G2. The industry's only AI-powered, all-in-one AppSec platform helps businesses discover, detect, remediate, and protect web applications and APIs at internet scale, backed by a 100% uptime guarantee.
View Video

CISO Guide: 3 Steps to Stop Business Logic Abuse in Design #ciso #businesslogic #apisecurity

Dec 11, 2025 By Wallarm In Wallarm
Fixing Business Logic Abuse starts at the whiteboard, long before code is written. Here is the three-step defense: Map Critical Workflows: Visualize data flows and state transitions for all high-value features. Implement Adversary Emulation: Integrate the hacker's mindset into your process to find flaws early. Test Constantly: Refine and re-test the logic at every phase of the CI/CD pipeline.
View Video

Copyright © 2026 OpsMatters™. All rights reserved.