API

Find All Your APIs with API Discovery

Aug 2, 2023 By Noname Security In Noname Security

APIs operating without any security controls are just waiting to be exploited. Misconfigurations, suspicious behavior, and cyber attacks may already be occurring without your knowledge. Hackers are on the lookout for APIs that will allow them to access data covertly, providing time to not only extract data, but to explore additional attack vectors.

View Video

Noname Security

API
Security

Read more about Find All Your APIs with API Discovery

2022 Year-End API ThreatStats Report

Aug 1, 2023 By Wallarm

This 2022 recap report looks back at the deteriorating API threat landscape, the most prevalent types of threat vectors, the most vulnerable types of APIs, and much more to provide API security and DevOps teams the data-driven insights needed to improve API security in 2023. One of the main take-aways is that the API threat landscape is becoming ever more dangerous. We make this assessment based on the 2022 data, and specifically these four trends.

Get Report

Wallarm

API
Security

Read more about 2022 Year-End API ThreatStats Report

What Can be Learned from the JumpCloud Security Incident

Jul 27, 2023 By Nick Rago In Salt Security

In an ideal world, security incidents result in minimal damage, and we can learn from them to improve our future defenses. Fortunately, such appears to be the case with JumpCloud. According to JumpCloud’s blog post, its recent security incident impacted fewer than 5 JumpCloud customers and fewer than 10 devices. Moreover, working together with their incident response (IR) partner Crowdstrike (also a Salt Security partner), JumpCloud has mitigated the attack vector used by the threat actor.

Read Post

Salt Security

Read more about What Can be Learned from the JumpCloud Security Incident

What is an Attack Vector?

Jul 27, 2023 By Noname Security In Noname Security

Attack vectors are the techniques attackers deploy to infiltrate or breach your network. Certain attack vectors take aim at humans that have network access, while other attack vectors target weaknesses in overall infrastructure and security. If this video doesn't cover everything you need to know, you can learn more about attack vectors at our Noname Academy: nonamesecurity.com/learn/what-is-an-attack-vector/

View Video

Noname Security

Read more about What is an Attack Vector?

Noname Security: Seeing the Whole Elephant

Jul 27, 2023 By Filip Verloy In Noname Security

The parable of the blind men and an elephant is a story of a group of blind men who have never encountered an elephant before, and who learn and imagine what the elephant is like by touching it. Each blind man feels a different part of the elephant’s body, but only one part, such as the side or the tusk. They then describe the elephant based on their limited experience, and their descriptions of the elephant are different.

Read Post

Noname Security

Read more about Noname Security: Seeing the Whole Elephant

What is OpenAPI?

Jul 27, 2023 By Noname Security In Noname Security

Originally known as the Swagger Specification, the OpenAPI Specification (OAS) is a format that can be used to describe, produce, consume, and visualize RESTful web services. It’s a specification standard for REST APIs that defines the structure and syntax.

View Video

Noname Security

Read more about What is OpenAPI?

Why Fuzzing isn't enough to Test your APIs

Jul 26, 2023 By Harold Bell, Director of Content Marketing In Noname Security

In today's fast-paced development environment, a comprehensive API security testing strategy is no longer a luxury, but a necessity. Testing your APIs for security gaps ensures that your APIs functions are reliable, secure, and perform as expected under different circumstances. It helps to identify issues such as incorrect data formats, missing or inaccurate data, and faults in authentication or authorisation.

Read Post

Noname Security

Read more about Why Fuzzing isn't enough to Test your APIs

Using Bearer to scan your code for Privacy risks

Jul 25, 2023 By Guillaume Montard In Bearer

Did you know that Bearer offers the ability to automatically compile the privacy information Legal teams need from Security and Engineering teams?

Read Post

Bearer

Read more about Using Bearer to scan your code for Privacy risks

API Discovery: Definition, Importance, and Step-by-Step Guide on AppTrana WAAP

Jul 25, 2023 By Gaurav Chauhan In Indusface

The growing use of APIs in various business areas exposes organizations to new security risks. An analysis of data breaches reveals that US companies could face losses ranging from $12 billion to $23 billion in 2022 due to compromises linked to APIs. Lack of visibility plays a major role in the rise of API breaches. The lack of visibility inherently creates blind spots. How do you overcome the problem of hidden APIs?

Read Post

Indusface

Read more about API Discovery: Definition, Importance, and Step-by-Step Guide on AppTrana WAAP

State of API Security for Financial Services and Insurance

Jul 24, 2023 By Salt Security In Salt Security

As financial services and insurance organizations have increasingly turned to APIs to accelerate business innovation, attackers have also changed their tactics, making APIs their prime target. This short video discusses findings from the first industry-specific version of the State of API Security report and draws on a combination of survey responses and empirical data from the Salt Cloud. Key trends revealed by the survey include.

View Video