API

2023 OWASP Top-10 Series: API9:2023 Improper Inventory Management

Sep 23, 2023 By Wallarm In Wallarm

Welcome to the 10th post in our weekly series on the new 2023 OWASP API Security Top-10 list, with a particular focus on security practitioners. This post will focus on API9:2023 Improper Inventory Management. In this series we are taking an in-depth look at each category – the details, the impact and what you can do about it.

Read Post

Wallarm

Read more about 2023 OWASP Top-10 Series: API9:2023 Improper Inventory Management

Mockbin and the Art of Deception: Tracing Adversaries, Going Headless and Mocking APIs

Sep 22, 2023 By Michael Haag In Splunk

On September 4, 2023, CERT-UA revealed a meticulously planned cyberattack targeting Ukraine's critical energy infrastructure. The attack's modus operandi was distinct; it utilized deceptive emails containing bait links, luring victims into downloading a seemingly innocuous ZIP archive. This archive, however, harbored malicious files designed to hijack the victim's computer, redirecting data flows and exfiltrating sensitive information using services like mockbin.org and mocky.io.

Read Post

Splunk

Read more about Mockbin and the Art of Deception: Tracing Adversaries, Going Headless and Mocking APIs

Noname Security and Intel Trust Authority: Building Trust Through Confidential Computing

Sep 22, 2023 By David Thomason In Noname Security

Intel’s Trust Authority is a new service that provides remote verification of the trustworthiness of a compute asset, based on attestation (cryptographic verification) and policy (a legitimate workload). This is a significant development for confidential computing, as it provides a way for organizations to independently verify the security of their workloads. Noname Security is excited to be a partner in the Intel Trust Authority program.

Read Post

Noname Security

Read more about Noname Security and Intel Trust Authority: Building Trust Through Confidential Computing

How to Secure a REST API

Sep 22, 2023 By Jeff Darrington In Graylog

Sitting at your desk, coding away with another cup of your favorite caffeine-infused beverage, you might be thinking to yourself, “it’s true what they say about no rest for the weary.” If you’re developing an app or architecting a cloud-native system, you can actually get the REST you need with the right Application Programming Interface (API). REST APIs provide a scalable, flexible, easy-to-use interface that makes developing and connecting web apps easier.

Read Post

Graylog

Read more about How to Secure a REST API

Awards Season Never Stops at Salt!

Sep 21, 2023 By Michelle McLean In Salt Security

We’re entering a new season of fall, but here at Salt, it seems like it’s always awards season! We continue to receive accolades for the Salt Security API Protection Platform – all year round! This time we have been honored with the “Best API Security” award in the 2023 API Awards.

Read Post

Salt Security

Read more about Awards Season Never Stops at Salt!

Introducing Bearer Cloud

Sep 21, 2023 By Bearer In Bearer

Get started today https://www.bearer.com

View Video

Bearer

Read more about Introducing Bearer Cloud

Bearer CLI: Overview

Sep 21, 2023 By Bearer In Bearer

Get to know the Bearer CLI, a code security scanning tool (SAST) that discovers, filters and prioritizes security risks and vulnerabilities leading to sensitive data exposures (PII, PHI, PD).

View Video

Bearer

API
Security

Read more about Bearer CLI: Overview

Bridging the gap between data security and privacy

Sep 21, 2023 By Bearer In Bearer

Hosted by Bearer and originally recorded January 27, 2022.

View Video

Bearer

Read more about Bridging the gap between data security and privacy

Wallarm AI Engine: How It Works

Sep 21, 2023 By Wallarm

The main task of the run-time application security is to protect modern applications and APIs. In this endeavor the solutions face a number of challenges: Download this whitepaper to learn how Wallarm solves the difficult task of effective application security by relying on AI and machine learning including a unique combination of hierarchical clusterization, statistical n-gram based models, recurrent neural networks and reinforcement learning.

Get White Paper

Wallarm

Read more about Wallarm AI Engine: How It Works

Evolution of Real Time Attack Detection

Sep 21, 2023 By Wallarm

Attack detection is critical for most security solutions, whether we are talking about a load balancer-based (NIDS, WAF), host-based or in-application solutions (HIDS, RASP). Interestingly, regardless of the differences in architecture and data flow, most solutions use similar detection principles and techniques. We will explore how the detection architecture evolved over time and how the new generation of detection logic, such as the architecture implemented by Wallarm, is principally different from that of the legacy solutions.

Get White Paper