Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

February 2024

Improving Security with Wallarm's NIST CSF 2.0 Dashboard

Ensuring the security of web applications and APIs is more critical than ever. With threats becoming increasingly prevalent and sophisticated, organizations need to employ comprehensive security measures to protect their digital assets. The NIST Cybersecurity Framework (CSF) 2.0 stands at the forefront of these efforts, offering a structured approach to managing cybersecurity risks.

Tyk Gateway API Calls To Graylog API Security

Application Programming Interfaces (APIs) are the backbone of modern software development, enabling seamless communication between various systems and services. As organizations increasingly rely on APIs to power their applications and services, the need for robust API management and monitoring solutions becomes paramount. Capturing API calls and gaining insights into their behavior can significantly enhance the development, troubleshooting, and security of APIs.

APIs and automation: The good, the bad, and the better

APIs are often adopted by businesses as a way to automate certain operational tasks. This not only helps to introduce efficiencies, it also reduces the chance of human error in repetitive, manual actions. But the relationship between APIs and automation doesn’t end there. To streamline the API management process, developers have started automating a variety of tasks in the API lifecycle, from development to production.

Redefining SAST: When AppSec Meets Developer Experience

Today, the speed and quality of software delivery are more critical to business success than ever. This highlights the importance of integrating security within the development lifecycle to maintain high velocity. In the ongoing race to extract business value from software and technology, the agility and efficiency of development teams are vital. Static Application Security Testing (SAST) plays a key role in this context, providing a vital tool for secure development.

When 200 OK Is Not OK - Unveiling the Risks of Web Responses In API Calls

In the ever-evolving landscape of cybersecurity, where the battle between defenders and hackers continues to escalate, it is crucial to scrutinize every aspect of web interactions. While the HTTP status code 200 OK is generally associated with successful API calls, there’s a dark side to its seemingly harmless appearance that often goes unnoticed.

Wallarm's Crusade Against Rising Credential Stuffing Threats

Credential Stuffing, a vital yet often overlooked aspect of cybersecurity, needs to be addressed with urgency. An alarmingly large segment of the population engages in the risky habit of using the same password for various accounts. This behavior parallels the risk of using a universal key for various locks in your life, such as those for your home, car, or even hotel rooms during vacations.

A New Strategy for Reducing API Risk

As organizations increasingly embrace APIs, a new challenge has emerged - the complexity of managing, securing, and understanding the sprawling API landscape within an organization. To tackle these concerns head-on, Salt Security has pioneered the industry's first API posture governance engine and a suite of advanced capabilities designed to bring clarity, security, and efficiency to your API ecosystem.

Blocking Compromised Tokens with Wallarm

In our Annual API ThreatStats report, we highlighted the increasing threat of API Leaks. An API Leak is the disclosure of sensitive API information, such as a token, credential, or private schema. These leaks can occur directly via the API itself, but also via third party tools used to manage source code, such as Github or Postman. API Leaks came in at number 4 in our dynamic top 10 list of API Security issues.

Announcing Graylog API Security v3.6

Graylog API Security v3.6 is here! Just taking the version number by itself, v3.6 sounds like an incremental step forward. But the truth is that v3.6 isn’t just a release milestone; it’s a huge inflection point in our mission to improve API security. There are multiple “firsts” in v3.6, which makes the total combination even more exciting.