Noname Security

National Cybersecurity Strategy: Disrupting and Dismantling Threat Actors Will Not Come Easy

Continuing a review of the new National Cybersecurity Strategy, today I look at the second pillar, Disrupt and Dismantle Threat Actors. It’s heavy on collaboration, information sharing, and integrated response, and lays out five objectives that, on the surface, make sense. However, reading through the specifics of the five objectives, I see major challenges in achieving some of these. I’ll only address a few underlying issues in order to keep this more manageable.

The Updated OWASP API Security Top 10 for 2023 is Here

The Open Web Application Security Project (OWASP) is a global non-profit organization dedicated to improving the security of software. The OWASP Foundation first released a list of the top 10 security risks faced by APIs in 2019. Although 4 years is an extremely long time when it comes to computing, the fact remains that most organizations are still in the process of putting better API security controls in place to protect against the 2019 Top 10.

What is Software Composition Analysis (SCA)?

A subset of application security testing, software composition analysis (SCA) refers to an automated process which scans open source software, allowing security analysts to identify precisely which libraries and components have been used in a piece of software. Code is parsed automatically and scanned against a known list of open source vulnerabilities.

What is Dynamic Application Security Testing (DAST)?

Dynamic application security testing (DAST) is an automated security testing technique that is used to identify vulnerabilities in web applications. The best DAST tools simulate various types of attacks to detect security vulnerabilities and test a broad spectrum of endpoints including hidden values. By simulating malicious attacks on an application, automated DAST security tools can help identify outcomes that are far outside typical user experience.