Technology

API Gateway vs. API Security #apisecurity #cybersecurity #architecture #devsecops

Nov 13, 2025 By Wallarm In Wallarm

Your API Gateway Is Not an API Security Solution Confusing API management with API security is a costly and dangerous mistake. An API Gateway is a traffic controller, but it has critical blind spots: It authenticates users but doesn't analyze their behavior for malicious intent. It routes traffic but doesn't inspect payloads for complex attacks. It manages access but can't detect business logic abuse.

View Video

Wallarm

API
Security

Read more about API Gateway vs. API Security #apisecurity #cybersecurity #architecture #devsecops

Why IoT in Your Supply Chain Still Poses a Serious Cyber Risk

Nov 13, 2025 By Emma Stevens In BitSight

In today’s digital economy, every organization—whether a law firm, retailer, or financial services provider—is now part of someone’s critical infrastructure. A dangerous misconception persists: that Internet of Things (IoT) devices and Industrial Control Systems (ICS) are only concerns for industrial or manufacturing sectors. In reality, these technologies are quietly embedded in everyday operations across nearly every industry.

Read Post

BitSight

Read more about Why IoT in Your Supply Chain Still Poses a Serious Cyber Risk

Cato CTRL Threat Research: Two Vulnerabilities in Anthropic's MCP SDK Enable OAuth Token Theft and Supply Chain Attacks

Nov 13, 2025 By Dr. Guy Waizel In Cato Networks

The SolarWinds supply chain attack in 2020 reminded the world how a single weakness in trusted software can have global consequences. That incident reshaped how organizations view software integrity and the importance of securing every stage of the development pipeline.

Read Post

Cato Networks

Read more about Cato CTRL Threat Research: Two Vulnerabilities in Anthropic's MCP SDK Enable OAuth Token Theft and Supply Chain Attacks

Discover workforce use of shadow AI

Nov 13, 2025 By Cloudflare In Cloudflare

Learn how Cloudflare helps you manage shadow AI by discovering what AI apps your workforce uses and evaluate the risks those apps present.

View Video

Cloudflare

Read more about Discover workforce use of shadow AI

Mastering cloud app control, Part 2: Hardening login security

Nov 12, 2025 By Hari Kumar Selvanarayanan In ManageEngine

In Part 1 of the cloud app control series, we explored how SinaraTech, a mid-sized ecommerce company, implemented access control to help reduce shadow cloud app usage by blocking risky or redundant sites. But the story isn't over yet. The SOC team had more nuanced challenges to be addressed. Let's continue down the road to find answers to those challenges.

Read Post

ManageEngine

Read more about Mastering cloud app control, Part 2: Hardening login security

Egnyte Global Summit Showcases New Features Enhancing AI-Powered Productivity and Secure Collaboration

Nov 12, 2025 By Egnyte In Egnyte

Egnyte Adds Adaptive Block Caching, New AI Agents, and Compliance Center to its Cloud Platform.

Read Post

Egnyte

Read more about Egnyte Global Summit Showcases New Features Enhancing AI-Powered Productivity and Secure Collaboration

Human Risk Multiplier: How Mobile Devices Expand Enterprise Attack Surfaces

Nov 12, 2025 By Firas Azmeh In Lookout

Modern businesses are more reliant on mobile devices than ever before. Employees need smartphones and tablets for communication, productivity, and even security authentication. As remote and hybrid work setups become more common, mobile technology is necessary for keeping workers connected to their organizations. At the same time, these devices expose a weak link in the cybersecurity chain: the human layer.

Read Post

Lookout

Read more about Human Risk Multiplier: How Mobile Devices Expand Enterprise Attack Surfaces

How Reach Security Automates Remediation and Prevents Configuration Drift

Nov 12, 2025 By Reach Security In Reach Security

From identification to remediation to drift management. When Reach flags an exposure, it doesn’t stop there. It shows exactly how much risk you’ll reduce by fixing it — and what impact it’ll have on users. In this short demo, CRO Jared Phipps walks through how Reach:︎ Quantifies residual risk reduction (e.g., 62%, 91%, etc.)︎ Weighs that against user impact︎ Guides teams through the remediation process︎ Integrates with Jira or other ticketing systems to track fixes︎ Monitors configurations to prevent drift and maintain baselines.

View Video

Reach Security

AI
Security

Read more about How Reach Security Automates Remediation and Prevents Configuration Drift

From Model Drift to API Exploitation: The Next Challenge in AI Security

Nov 12, 2025 By A10 Networks In A10 Networks

From Model Drift to API Exploitation: The Next Challenge in AI Security In this clip from "Securing AI Part 4: The Rising Threat of Hidden Attacks in Multimodal AI," Diptanshu Purwar and Madhav Aggarwal summarize why external guardrails are the only sustainable defense against the new wave of AI exploitation. Jamison Utter then sets the stage for the next topic in the series: securing the fundamental protocols and APIs that AI agents rely on.

View Video

A10 Networks

Read more about From Model Drift to API Exploitation: The Next Challenge in AI Security

OWASP Top 10 Business Logic Abuse: What You Need to Know

Nov 12, 2025 By Wallarm In Wallarm

Over the past few years, API security has gone from a relatively niche concern to a headline issue. A slew of high-profile breaches and compliance mandates like PCI DSS 4.0 have woken security teams up to the reality that APIs are the front door to their data, infrastructure, and revenue streams. OWASP recently published its first-ever Business Logic Abuse Top 10 List; a clear indication that the industry is taking API security and all its nuances seriously.

Read Post