We have exciting news to share! Salt Security is building a bi-directional integration with the Wiz cloud security platform! With this announcement, Salt becomes the first API security vendor to build a two-way integration with Wiz, giving Wiz customers the deepest and most actionable insights into API behaviors – all within Wiz’s comprehensive cloud security platform.
Starting today, Cloudflare’s API Gateway can protect GraphQL APIs against malicious requests that may cause a denial of service to the origin. In particular, API Gateway will now protect against two of the most common GraphQL abuse vectors: deeply nested queries and queries that request more information than they should.
Continuing a review of the new National Cybersecurity Strategy, today I look at the second pillar, Disrupt and Dismantle Threat Actors. It’s heavy on collaboration, information sharing, and integrated response, and lays out five objectives that, on the surface, make sense: However, reading through the specifics of the five objectives, I see major challenges in achieving some of these. I’ll only address a few underlying issues in order to keep this more manageable.
Bearer CLI's CI/CD integration with GitLab is a great way to add security scanning to your projects. We've taken things a step further and now support GitLab's SAST security scanner integration directly in GitLab CI for GitLab Ultimate users. This feature is available in Bearer CLI v1.9.0 and later. See our upgrade guide for your platform. Let’s dive into how it works.
Avord, a cybersecurity services and solutions organization based in the UK, is working with API security pioneer, Noname Security, to deliver API security reconnaissance as a service.
It’s hard to be in the realm of technology and not hear about APIs these days. Whether it’s the launch of the ChatGPT API or news of a significant data breach at Twitter, APIs are having their time in the spotlight. Yet, despite their ubiquity, many still have questions about APIs' capabilities (and limitations). What are APIs for? What do they do? And what are they unable to do in the current era?
APIs power today’s digital economy and enable organizations to succeed in their business innovation efforts. Because every company’s APIs are unique, so are its security gaps, which bad actors will inevitably try to exploit. Only through rich context and deep behavioral analysis can these attackers be stopped. Many of the APIs that enable today’s applications and business services live and breathe within the Amazon Web Service (AWS) ecosystem.
The Open Web Application Security Project (OWASP) is a non-profit foundation devoted to web application security. One of OWASP's guiding principles is that all of their resources should be freely available and simple to find on their website, enabling anyone to increase the security of their own web applications. They provide forums, tools, videos, and documentation among other things.
As part of Bearer CLI v1.9.0 release, we're thrilled to offer improved code scanning integration with GitHub for our open-source security scan. In this article, we'll briefly go over the format that makes this possible, how it works, and how you can start using it today.
