Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

July 2023

salt security

What Can be Learned from the JumpCloud Security Incident

Jul 27, 2023 By Nick Rago In Salt Security
In an ideal world, security incidents result in minimal damage, and we can learn from them to improve our future defenses. Fortunately, such appears to be the case with JumpCloud. According to JumpCloud’s blog post, its recent security incident impacted fewer than 5 JumpCloud customers and fewer than 10 devices. Moreover, working together with their incident response (IR) partner Crowdstrike (also a Salt Security partner), JumpCloud has mitigated the attack vector used by the threat actor.
Read Post
indusface

API Discovery: Definition, Importance, and Step-by-Step Guide on AppTrana WAAP

Jul 25, 2023 By Gaurav Chauhan In Indusface
The growing use of APIs in various business areas exposes organizations to new security risks. An analysis of data breaches reveals that US companies could face losses ranging from $12 billion to $23 billion in 2022 due to compromises linked to APIs. Lack of visibility plays a major role in the rise of API breaches. The lack of visibility inherently creates blind spots. How do you overcome the problem of hidden APIs?
Read Post

State of API Security for Financial Services and Insurance

Jul 24, 2023 By Salt Security In Salt Security
As financial services and insurance organizations have increasingly turned to APIs to accelerate business innovation, attackers have also changed their tactics, making APIs their prime target. This short video discusses findings from the first industry-specific version of the State of API Security report and draws on a combination of survey responses and empirical data from the Salt Cloud. Key trends revealed by the survey include.
View Video
salt security

Understanding API Attacks: Why Are They Different and How to Prevent API Attacks

Jul 20, 2023 By Stephanie Best In Salt Security
Salt has just released a new resource for business and security leaders – “Understanding API Attacks: Why Are They Different and How Can You Stop Them.” Salt undertook writing this eBook as part of our ongoing commitment to educate the market about API security issues and trends. In this new eBook, we take a close look at how API attacks differ from traditional attacks, and the measures organizations can take to protect against them.
Read Post

Graylog API Security Intro Demo

Jul 19, 2023 By Graylog In Graylog
Discover and Improve Your API Security with Graylog! In this quick demo, Rob from Resurface now Graylog, showcases how Graylog helps you understand and manage your API attack surface. From identifying Rogue, prohibited, and deprecated APIs to automatically discovering and summarizing common types of attacks and failures, Graylog streamlines API security. No technical expertise needed – the system categorizes API calls into meaningful buckets, providing detailed views, including full request and response details. Easily create custom signatures, export data, and receive alerts with Graylog's comprehensive API security solution.
View Video
graylog

From Resurface to Graylog API Security: The Next Chapter

Jul 18, 2023 By Robert Dickinson In Graylog
When I started Resurface, my core thesis was that web and API security brought unique requirements requiring purpose-built data systems. Using Splunk at scale for API monitoring was/is prohibitively expensive. Using Hadoop or Kafka requires a nerd army to run at any scale. Few data platforms include a mature web or API monitoring model, so this has to be custom-overlaid at significant expense.
Read Post

How the Digital-First Economy and Digital Trends Impact CISOs

Jul 14, 2023 By Salt Security In Salt Security
To understand how the digital-first economy and global trends have impacted the role of the CISO, Salt partnered with the research firm Global Surveys to study 300 worldwide Chief Information Security Officers. This video highlights trends revealed by the survey including: These were just a few of the highlights from our recent state of the CISO survey. We encourage you to download the full report for even more great insights.
View Video
bearer

We benchmarked top SAST products, and this is what we learned

Jul 13, 2023 By Guillaume Montard In Bearer

When we started to build Bearer, we wanted to understand how to validate the quality of our findings and be able to benchmark it. Code security scanning solutions are notorious for reporting a lot of false positives and other deficiencies, and even though we believed we could do much better, we needed a way to prove it. In Java, there is an OWASP project, BenchmarkJava, which makes it easy to compare the output of two software security solutions.

Read Post
salt security

Australian Energy Leader Picks Salt for API Security!

Jul 12, 2023 By Stephanie Best In Salt Security

We’ve taken our award-winning API security “Down Under” with our latest customer success! Today we announced that Jemena, a leading energy company in Australia, has selected the Salt Security API Protection Platform to protect its critical gas and electricity infrastructure. Here at Salt, we are honored that Jemena has chosen us to secure its API modernization project!

Read Post
veracode

Improve Visibility, Reporting, and Automation With Veracode's Reporting API

Jul 12, 2023 By Devin Maguire In Veracode

A high-functioning security program leverages data to drive optimization – by satisfying governance, reporting, and compliance (GRC) requirements efficiently, creating visibility for risk-based prioritization, and leveraging automation throughout the software development lifecycle. Often, however, the data needed to drive these processes is spread across a complex ecosystem.

Read Post

Understanding API Attacks

Jul 11, 2023 By Salt Security In Salt Security
As APIs have become the backbone of modern applications, threat actors are increasingly targeting them. Whether it be to exfiltrate data, take control of critical systems, or disrupt key business services or digital supply chains, threat actors have taken notice—and they see APIs as a prosperous attack vector. In this video, you’ll gain valuable insights into API security and learn proactive measures to safeguard your APIs. By understanding the challenges posed by API attacks, you’ll understand the best strategies to protect your organization.
View Video
cloudflare

Bring your own CA for client certificate validation with API Shield

Jul 11, 2023 By Dina Kozlov In Cloudflare

APIs account for more than half of the total traffic of the Internet. They are the building blocks of many modern web applications. As API usage grows, so does the number of API attacks. And so now, more than ever, it’s important to keep these API endpoints secure. Cloudflare’s API Shield solution offers a comprehensive suite of products to safeguard your API endpoints and now we’re excited to give our customers one more tool to keep their endpoints safe.

Read Post
bearer

Improving Bearer CLI's precision and recall

Jul 5, 2023 By Elizabeth Braae In Bearer

Previously, we talked about the first phase of our battle testing process. If you haven’t already, give it a read for background on this article. After Bearer CLI proved itself solid against a variety of real-world projects, it was time to take things to the next level and compare the quality of results over time, and against the results of other static application security testing (SAST) tools.

Read Post
bearer

Bearer CLI: 2 months in retrospect of new features and improvements!

Jul 4, 2023 By Guillaume Montard In Bearer

Since we announced version 1.3 of Bearer CLI in early April, the team has been working relentlessly to make major movements and ship amazing new features. Before you read it all, we advise you to update to the latest version in the background 🙂, that way you can start exploring all right after finishing this article!

Read Post

Copyright © 2024 OpsMatters™. All rights reserved.