Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

Snyk

Improving GraphQL security with static analysis and Snyk Code

Apr 12, 2022 By Sam Sanoop In Snyk

GraphQL is an API query language developed by Facebook in 2015. Since then, its unique features and capabilities have made it a viable alternative to REST APIs. When it comes to security, GraphQL servers can house several types of misconfigurations that result in data compromise, access control issues, and other high risk vulnerabilities. While security issues with GraphQL are widely known, there’s little information on finding them outside of using dynamic analysis.

Read Post
Snyk

Building a secure GraphQL API with Node.js

Mar 29, 2022 By Lawrence Eagles In Snyk

GraphQL provides security straight out of the box with validation and type-checking. However, it doesn’t fully address security concerns around APIs. In this article, we’ll learn how to secure GraphQL APIs by building a simple Node.js application using Fastify and GraphQL. According to its official documentation, GraphQL is a graph query language for APIs and a runtime for fulfilling those queries with our data.

Read Post
Tines

Getting to grips with APIs

Mar 10, 2022 By Aoife Anderson In Tines

There’s nothing more frustrating than coming up against an API that won’t cooperate, no matter how hard or long you try! A key component of building integrations, APIs have been a big deal for over a decade. At this point, if a software company doesn’t have one, its technology is as good as obsolete. More than a third of analysts, in a new Tines survey, indicated that API-first is the single most important feature and capability they would look for when evaluating a new SOAR tool.

Read Post

OWASP Top 10: API Security Threats

Feb 22, 2022 By Indusface In Indusface
It’s no secret that APIs are under attack. Companies are struggling to keep their APIs safe and secure from accidental breaches to malicious hacks. The problem will only worsen as APIs become more complex and more companies rely on them for critical business functions. The security risks increase exponentially. About Indusface: Indusface is a SaaS company that secures critical Web applications of 2000+ global customers using its award-winning platform that integrates Web application scanner, Web application firewall, CDN, and threat information engine.
View Video

Create an API Specification Scan

Feb 16, 2022 By Veracode In Veracode
Traditionally Veracode Dynamic Analysis has targeted applications with a Web user interface. But increasingly, web applications are composed of many small microservices, many of which have Representational State Transfer (REST) interfaces with which the UI layer communicates. With API scanning, you can now scan the APIs of your microservices earlier in the software development process, before they are integrated into a web application.
View Video
egnyte

A Proof-of-Concept for API Caching at Egnyte

Feb 8, 2022 By Jacob Runyan In Egnyte

As Egnyte’s business and customer base grows, we have an engineering responsibility to provide data quickly and at high availability. In this blog I’ll recap one of those efforts—a proof-of-concept API caching project that serves our large folder listing capabilities and has future applications in other Egnyte services.

Read Post
Snyk

Snyk's shift left approach to API development

Feb 1, 2022 By Terence Tirella In Snyk

Snyk’s developer security platform provides developers and security professionals with the tools they need to build and operate modern applications securely. Snyk enables users to shift security left and to embrace a DevSecOps model. Modern application development teams understand that shifting left means bringing information to developers’ fingertips as early as possible in the development process to create efficient and secure applications and development processes.

Read Post

Copyright © 2026 OpsMatters™. All rights reserved.