Application programming interfaces (APIs) have become an essential component of modern applications in the digital age. However, with the increasing reliance on APIs as more businesses digitize their operations, the need for API security is more undeniable than ever before. API security is imperative as it prevents unauthorized access to data, maintains the confidentiality of users’ information, and helps prevent malicious attacks that could lead to significant damage to your business.

We have smashing news to share! Salt Security has been named Cybersecurity Solution of the Year in the Prestigious National Technology Awards – our first award in the UK and a brilliant recognition! Organized by National Technology News, the National Technology Awards celebrate the pioneers of technology and encourage excellence, providing the most comprehensive celebration of technology of the year.

This post is the second in a series describing OAuth implementation issues that put companies at risk. We create these posts to share rich technical details, drawn from real-world use cases, to educate the broader industry on the nature of these errors, their potential impact, and how to avoid them to better protect API ecosystems.

For those wondering what GraphQL is… “GraphQL is a query language for your API, and a server-side runtime for executing queries using a type system you define for your data. GraphQL isn't tied to any specific database or storage engine and is instead backed by your existing code and data.”

DevSecOps is all about better integrating security into the software development life cycle (SDLC). When combined with the desire to automate repetitive tasks, the inevitable conclusion is to put any repeatable testing tool into your app’s build pipeline. For any tooling that involves code analysis, it makes sense to sync up with existing testing workflows. That’s where CI comes in.