API

AI-Powered APIs: Expanding Capabilities and Attack Surfaces

Nov 7, 2024 By Wallarm In Wallarm

AI and APIs have a symbiotic relationship. APIs power AI by providing the necessary data and functionality, while AI enhances API security through advanced threat detection and automated responses. In 2023, 83% of Internet traffic traveled through APIs, but there was a 21% increase in API-related vulnerabilities in Q3 2024, severely impacting AI. The relationship between AI and APIs expands capabilities while simultaneously increasing potential vulnerabilities.

Read Post

Wallarm

Read more about AI-Powered APIs: Expanding Capabilities and Attack Surfaces

Key Indicators of a Strong API Security Program - Do You Have Them? #securitymeasures #securitykey

Nov 7, 2024 By Wallarm In Wallarm

What does a successful API security program look like? Discover the essential indicators that every organization should monitor, from inventory control to continuous monitoring and anomaly detection. Learn how these key metrics can safeguard your APIs and ensure your defenses are ready for emerging threats!

View Video

Wallarm

API
Security

Read more about Key Indicators of a Strong API Security Program - Do You Have Them? #securitymeasures #securitykey

Gaining Security Context with API Session Data

Nov 6, 2024 By Wallarm In Wallarm

API attacks don't always occur in a single request, and more sophisticated attacks require additional context. Whether it's account takeover or scraping, understanding the behavior of an attacker across a session is key to accurate detection and effective investigation. Today, organizations often lack the ability to delve into the details of specific API sessions. Data is spread across multiple tools, or simply unavailable. The Wallarm platform allows users to seamlessly navigate between attack detections and the surrounding session data to fully understand the behavior and interactions involved.

View Video

Wallarm

API
Security

Read more about Gaining Security Context with API Session Data

API Security: The Non-Negotiable for Modern Transportation

Nov 5, 2024 By Eric Schwake In Salt Security

The transportation sector is undergoing a digital revolution, from railways to aviation and trucking. APIs are at the heart of this transformation, particularly for airlines. Airlines utilize APIs to integrate internal systems with vital services such as booking platforms, check-in services, real-time flight updates, communication with customs agencies, and baggage handling.

Read Post

Salt Security

Read more about API Security: The Non-Negotiable for Modern Transportation

Attackers Abuse DocuSign API to Send Authentic-Looking Invoices At Scale

Nov 4, 2024 By Wallarm In Wallarm

In a concerning trend, cybercriminals are leveraging DocuSign's APIs to send fake invoices that appear strikingly authentic. Unlike traditional phishing scams that rely on deceptively crafted emails and malicious links, these incidents use genuine DocuSign accounts and templates to impersonate reputable companies, catching users and security tools off guard.

Read Post

Wallarm

Read more about Attackers Abuse DocuSign API to Send Authentic-Looking Invoices At Scale

Securing APIs in Retail: Safeguarding Customer Data

Oct 31, 2024 By Alexandria Nicosia In Salt Security

The retail industry’s digital transformation has made secure APIs essential to modern operations since they are at the core of this shift. APIs power everything from e-commerce platforms and mobile shopping apps to inventory management, point-of-sale systems, and personalized customer experiences. They help retailers stay agile in a fast-paced market by enabling seamless data exchange and streamlining processes.

Read Post

Salt Security

Read more about Securing APIs in Retail: Safeguarding Customer Data

Founder's Corner: Episode 2

Oct 31, 2024 By Salt Security In Salt Security

Welcome to Episode Two of Salt Security’s Podcast Series: Founder’s Corner This episode features Salt's COO and Co-founder, Michael Nicosia, as he defines the main steps of the customer journey in API Security. Hosted by Salt’s CMO, Michael Callahan.

View Video

Salt Security

API
Security

Read more about Founder's Corner: Episode 2

Salt Security and Dazz: A Powerful Partnership for API Security

Oct 30, 2024 By Eric Schwake In Salt Security

As organizations adopt more modern application strategies, APIs are increasingly important for enabling seamless communication and data exchange. However, this interconnectedness also introduces more significant security risks. APIs are gateways to sensitive information, making them prime targets for attackers. This can result in data breaches, business disruptions, and reputational damage.

Read Post

Salt Security

Read more about Salt Security and Dazz: A Powerful Partnership for API Security

How to Mitigate the Latest API Vulnerability in FortiManager

Oct 30, 2024 By Wallarm In Wallarm

Recently, a critical API vulnerability in FortiManager (CVE-2024-47575) was disclosed. Certain threat actors exploited it in the wild to steal sensitive information containing configurations, IP addresses, and credentials used by managed devices. In advanced notification emails, Fortinet warned its users of the vulnerability and mitigation steps. The vulnerability has a critical severity rating of 9.8 out of 10.

Read Post

Wallarm

Read more about How to Mitigate the Latest API Vulnerability in FortiManager

Lessons from the Cisco Data Breach-The Importance of Comprehensive API Security

Oct 29, 2024 By Eric Schwake In Salt Security

In the wake of Cisco’s recent data breach involving exposed API tokens - amongst other sensitive information - the cybersecurity community is reminded once again of the significant risks associated with unsecured APIs. Though Cisco has asserted that the damage was limited to a public-facing environment, such breaches demand a more cautious evaluation. Exposing sensitive information like API tokens, credentials, and even source code can have broader security implications than initially apparent.

Read Post