Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

How to secure a REST API?

As developers, we often have to work with REST APIs when we integrate with third-party systems or connect between frontend and backend systems at work. APIs, and REST APIs in particular, are a fundamental part of modern web applications, allowing us to create, read, update, and delete data over HTTP. However, as with any technology, they come with their own set of security challenges. Let's break these challenges down and understand how to secure REST API applications.

Cybersecurity's Next Frontier: SEC's Game Plan for a More Secure Financial World

In 2023 alone, there were over 3,200 reported cyberattacks, with over 350 million victims in the United States. That’s not to mention the undetected or failed attempts by these cybercriminals, both external and internal, to get access to sensitive data and customers’ Personally Identifiable Information (PII).

The exploit prediction scoring system: What it is and how to use it

Managing vulnerabilities can feel like the end of the first act of Les Misérables as you sing to yourself, “one day more, another day another vulnerability.” Like Jean Valjean, you attempt to put up barricades to protect your environment from attackers exploiting these security weaknesses. Keeping pace with the number of vulnerabilities and threat actor activities becomes overwhelming, leaving you to feel outnumbered and outmanned.

How to Access Passkeys From Multiple Devices

Accessing passkeys from multiple devices can be a hassle if you don’t use a passkey manager since they’re tied to the device on which they’re generated. This means you’d have to create a passkey on multiple devices or scan a QR code to access a passkey from devices that use different Operating Systems (OS). This is inconvenient, which is why you should consider investing in a password manager to store and manage your passkeys.

Identity Theft and Fraud: Types and Prevention Strategies

In 2023, identity theft and fraud reached significant levels, with various reports highlighting the extensive impact on consumers and businesses. The Federal Trade Commission (FTC) reported that consumers lost more than $10 billion to fraud, marking a 14% increase from the previous year. Identity theft remained a pervasive issue, with nearly 560,000 cases reported in the first half of 2023 alone.

Navigating High-Risk Customers: Essential KYC Practices

Increasing your online customer base might seem beneficial, but is it always advantageous for your business? Our guide aims to help you identify and understand customers who might pose long-term challenges, commonly referred to as high-risk customers. Financial institutions, such as banks, must adhere to regulations that require thorough customer screening to prevent fraud and money laundering.

Cloud Security Compliance: Ensuring Data Safety in the Cloud

Modern organizations know that protecting their data is absolutely critical. That’s where cloud security compliance comes in. Satisfying regulatory standards helps organizations protect against unauthorized access and data breaches, as well as other security incidents. Beyond protecting data, compliance also protects organizations from the legal implications and financial effects of attacks.

Snowflake Breach Attack Insights

The recent attack on Snowflake accounts underscores a critical lesson for all cloud users: securely managing identities and access is paramount under the shared responsibility model. As more organizations leverage cloud services, it’s essential to understand that security is a collaborative effort between the service provider and the customer.

Navigating the FTC's Non-Compete Ban: A Guide for Information Security Teams

On April 23, 2024, the Federal Trade Commission (FTC) issued a ruling that banned the use and enforcement of non-compete agreements across the United States. With this ruling, enterprises that relied on these agreements to help preserve their competitive advantage must adapt their strategy for protecting proprietary information when an employee departs. Read on for a breakdown of the ruling, what strategies remain open for dealing with this risk, and how security teams can help their organization adapt.