Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

API

Why Regular APIs Aren't Safe for AI Agents: A Case for Enhanced Privacy and Controls

APIs are the backbone of modern applications, enabling seamless data exchange between systems. However, the rise of AI agents fundamentally shifts how APIs are utilized. Regular APIs, originally built for deterministic, non-AI use cases, are not inherently designed to handle the complexities and unpredictability of AI-driven applications. Using your regular APIs directly for AI agents or allowing AI agents to integrate without safeguards exposes your systems and data to significant risks.

API, Identities and solving for the biggest challenges

API calls are the backbone of modern software, enabling applications to communicate and share data seamlessly. However, with this integration comes the challenge of understanding and managing the identities used in API calls. These identities, often tied to authentication and authorization mechanisms, are crucial for determining what data is accessed and exchanged.

Dell's API Security Failure: How 49 Million Records Were Exposed #dell #DataBreach #dataleaks

In this video, we examine two significant API security failures, each with devastating consequences. The first breach used a simple trial-and-error method, exploiting broken access control to impact 10 million users. In the Dell example, API abuse exploited a lack of validation and rate limiting, allowing an attacker, posing as a partner, to scrape 49 million records over several weeks. These cases highlight the importance of robust API security practices, especially for business processes and access control. Watch to learn key takeaways on protecting APIs from similar attacks.

Founder's Corner: Episode 3

Welcome to Episode Three of Salt Security’s Podcast Series: Founder’s Corner Salt’s CEO and Co-founder, Roey Eliyahu, talks with Salt’s CMO, Michael Callahan, about the first step of the customer journey in API Security: Discovery (also known as the crawl stage). They dive into topics around Discovery (as well as Salt’s phases of Discovery), Data Security, Shadow and Zombie APIs, GenAI, and how Salt is utilizing AI.

Your AppSec Journey Demystified: Driving Effective API Security with Wallarm and StackHawk

There is no doubt that attackers have shifted their attention to APIs. Wallarm’s API ThreatStats research identifies that 70% of attacks now target APIs instead of Web Applications. While APIs have become the backbone of innovation and connectivity for businesses, they have also introduced a vast attack surface that’s challenging to defend with traditional methods alone.

Context is King: Using API Sessions for Security Context

There’s no doubt that API security is a hot topic these days. The continued growth in API-related breaches and increase in publicized API vulnerabilities has pushed API security to the top of CISO’s lists. The tools in the market for API security still have room for improvement, of course. One of the challenges security practitioners face with APIs is understanding the context in which an attack took place.

The Hidden Costs of API Breaches: Quantifying the Long-Term Business Impact

API attacks can be costly. Really costly. Obvious financial impacts like legal fines, stolen finances, and incident response budgets can run into the hundreds of millions. However, other hidden costs often compound the issue, especially if you’re not expecting them. This article will explore the obvious and hidden costs of API breaches, their long-term business impacts, and how you can communicate the importance of API security to business stakeholders and decision-makers.

How Weak Access Controls Led to the Optus API Breach #accesscontrol #databreach #dataleaks

Broken access controls are one of the leading causes of API breaches. Learn how weak access control can leave your data exposed, as we explore real-world examples and share insights on protecting sensitive information. Strengthen your API access controls to safeguard against unauthorized access and potential breaches!