Monthly Archive

When APIs Become Attack Paths: What the Q3 2025 ThreatStats Report Tells Us

Oct 30, 2025 By Wallarm In Wallarm

Wallarm’s latest Q3 2025 API ThreatStats report reveals that API vulnerabilities, exploits, and breaches are not just increasing; they’re evolving. Malicious actors are shifting from code-level weaknesses to business logic flaws, from web apps to partner integrations, and from REST to AI-powered APIs. Here’s what stood out this quarter, and what security leaders should do about it.

Read Post

Wallarm

Read more about When APIs Become Attack Paths: What the Q3 2025 ThreatStats Report Tells Us

API Attack Awareness: Business Logic Abuse - Exploiting the Rules of the Game

Oct 27, 2025 By Wallarm In Wallarm

As Cybersecurity Awareness Month continues, we wanted to dive even deeper into the attack methods affecting APIs. We’ve already reviewed Broken Object Level Authentication (BOLA), injection attacks, and authentication flaws; this week, we’re exploring business logic abuse (BLA). Unlike technical flaws, business logic flaws exploit how an API is designed to behave.

Read Post

Wallarm

Read more about API Attack Awareness: Business Logic Abuse - Exploiting the Rules of the Game

After the AWS Outage: How to Build Systems That Survive

Oct 23, 2025 By Wallarm In Wallarm

When AWS goes down, the ripple effects are global, from authentication failures to service disruptions that bring businesses to a standstill. But while every outage makes headlines, the real question is: Why are so many organizations still unprepared? In this live fireside chat, Wallarm’s Field CTO, and STO of Security Edge, Tim Ebbers, unpacks the architectural lessons behind the latest AWS outage — and what engineering, DevOps, and security leaders can do today to prevent history from repeating itself.

View Video

Wallarm

Read more about After the AWS Outage: How to Build Systems That Survive

How I 'Hacked' an Online Store #businesslogic #ecommerce #cybersecurity #apisecurity

Oct 23, 2025 By Wallarm In Wallarm

A $10,000 Order for $1? Your Business Logic is Broken Attackers aren't just breaking code; they're exploiting the rules of your business to commit fraud. When your application's logic is flawed: Your payment and fulfillment systems can be desynchronized. You can lose massive revenue to easily preventable abuse. Your inventory and financial reporting become unreliable. Watch how a simple business logic flaw can lead to catastrophic financial loss in this real-world example. Is your e-commerce platform safe?

View Video

Wallarm

Read more about How I 'Hacked' an Online Store #businesslogic #ecommerce #cybersecurity #apisecurity

AWS Outage: Lessons Learned

Oct 21, 2025 By Wallarm In Wallarm

What can we learn from the recent AWS outage, and how can we apply those lessons to our own infrastructure?

Read Post

Wallarm

Read more about AWS Outage: Lessons Learned

Key API Security Takeaways from the Postman 2025 State of API Report

Oct 21, 2025 By Wallarm In Wallarm

API security has never been more important because modern APIs are operational necessities. Unfortunately, many organizations are failing to adapt their security models to a rapidly changing API threat landscape. Like it or not, we live in an AI-first world, and API security must reflect that reality. The Postman 2025 State of API Report is confirmation of that fact.

Read Post

Wallarm

Read more about Key API Security Takeaways from the Postman 2025 State of API Report

API Attack Awareness: When Authentication Fails - Exposing APIs to Risk

Oct 14, 2025 By Wallarm In Wallarm

Authentication issues seem like low-level attacks. But authentication today – especially API authentication – can be more difficult than people expect. Companies rely on APIs to carry sensitive information every day. If access to those APIs is not properly secured, all the sophisticated security solutions companies use to protect their data elsewhere are completely undermined.

Read Post

Wallarm

Read more about API Attack Awareness: When Authentication Fails - Exposing APIs to Risk

Wallarm: API Security Platform of the Year 2025

Oct 10, 2025 By Wallarm In Wallarm

2025 has been one of Wallarm’s biggest years yet. In the last few months alone, we unveiled our industry-first API Revenue Protection capability, launched our next-gen Security Edge offering, were included in the 2025 Inc. 5000 list of fastest-growing private companies in America, and announced our $55M Series C funding round. This October, we’re proud to see our dedication and our customers’ confidence recognized.

Read Post

Wallarm

Read more about Wallarm: API Security Platform of the Year 2025

A CISO's Guide to API Security

Oct 9, 2025 By Wallarm In Wallarm

APIs are powering digital transformation but also exposing organizations to new risks. Securing them requires collaboration between CISOs, CIOs, and the board. This webinar will demystify the evolving API threat landscape, outline governance strategies, and provide leaders with the tools to communicate API risk in business terms. Key Learnings: Why You Should Attend.

View Video

Wallarm

Read more about A CISO's Guide to API Security

API Security: The #1 Threat Businesses IGNORE #apisecurity #appsec #datasecurity #apitesting

Oct 7, 2025 By Wallarm In Wallarm

OWASP shows API vulnerabilities are now a top threat in modern security. The growth, priority, and severity of API issues are only increasing. This is the biggest business risk companies ignore.

View Video

Wallarm

API
Security

Read more about API Security: The #1 Threat Businesses IGNORE #apisecurity #appsec #datasecurity #apitesting

API Attack Awareness: Injection Attacks in APIs - Old Threat, New Surface

Oct 3, 2025 By Wallarm In Wallarm

Injection attacks are among the oldest tricks in the attacker playbook. And yet they persist. The problem is that the core weakness, trusting user inputs too much, keeps resurfacing in new forms. As organizations have shifted to API-driven architectures and integrated AI systems that consume unstructured input, the attack surface has expanded dramatically.

Read Post

Wallarm

Read more about API Attack Awareness: Injection Attacks in APIs - Old Threat, New Surface

API Attack Awareness: Broken Object Level Authorization (BOLA) - Why It Tops the OWASP API Top 10

Oct 1, 2025 By Wallarm In Wallarm

For this Cybersecurity Awareness Month, we thought it important to draw attention to some of the most common and dangerous API vulnerabilities. This week, we’re starting with Broken Object Level Authorization (BOLA). BOLA vulnerabilities top the OWASP API Top Ten. And for good reason: they’re startlingly prevalent, remarkably easy to exploit, and can have devastating consequences. So, let’s explore what they are, why they matter, and how you can mitigate them.

Read Post

Wallarm

Read more about API Attack Awareness: Broken Object Level Authorization (BOLA) - Why It Tops the OWASP API Top 10

Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

When APIs Become Attack Paths: What the Q3 2025 ThreatStats Report Tells Us

API Attack Awareness: Business Logic Abuse - Exploiting the Rules of the Game

After the AWS Outage: How to Build Systems That Survive

How I 'Hacked' an Online Store #businesslogic #ecommerce #cybersecurity #apisecurity

AWS Outage: Lessons Learned

Key API Security Takeaways from the Postman 2025 State of API Report

API Attack Awareness: When Authentication Fails - Exposing APIs to Risk

Wallarm: API Security Platform of the Year 2025

A CISO's Guide to API Security

API Security: The #1 Threat Businesses IGNORE #apisecurity #appsec #datasecurity #apitesting

API Attack Awareness: Injection Attacks in APIs - Old Threat, New Surface

API Attack Awareness: Broken Object Level Authorization (BOLA) - Why It Tops the OWASP API Top 10

Monthly Archive

Follow Us