Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

Ultimate Guide to OWASP API Top 10

The OWASP API Top 10 is a list of common vulnerabilities found in APIs. OWASP created it as a resource for developers, testers, and security professionals to help them understand how to protect against API threats. Many people think that APIs are just another type of web application, but they're not; they have their own set of risks and challenges that need to be addressed. A simple API call can result in a data breach that could have lasting consequences for your business.

How Adversaries Can Persist with AWS User Federation

In recent incident response investigations, CrowdStrike Services has observed adversaries use the sts:GetFederationToken API call to create federated sessions from IAM users. In this scenario, the federated session inherits permissions from the base IAM user. Perhaps surprising to many incident responders, the privileges and access of the federated session are not revoked when the base IAM user’s credentials are deactivated.

Two-Factor Authentication (2FA) Setup on iOS

Introduction For added security on supported websites and apps, use Keeper to store two-factor authentication codes. When setting up 2FA on a site or app, Keeper for iOS can serve as your time-based one-time password or “TOTP” generator. This video will review how users can easily add a two-factor verification setup code or secret key from a website or app to a new or existing Keeper record.

Wallarm - Addressing CISOs Priorities In 2023: Wallarm API Security Democast

Modern API security needs to be able to protect against modern challenges. Whether you are protecting brand-new APIs or legacy web apps, Wallarm provides key components to secure your business against emerging threats. Join Tim Ebbers, Field CTO, and Stepan Ilyin, Co-Founder, for a demo of the Wallarm platform, to learn more about the key components and recent feature enhancements.

This Month in Datadog: Cloud Security Controls Ruleset, New Test Coverage Page, and more

Datadog is constantly elevating the approach to cloud monitoring and security. This Month in Datadog updates you on our newest product features, announcements, resources, and events. To learn more about Datadog and start a free 14-day trial, visit Cloud Monitoring as a Service | Datadog. This month, we put the Spotlight on Cloud Cost Management.

Solving Your API Leaks Challenge: Wallarm Launches API Leak Solution

In recent months, enterprise companies like CircleCI, Slack, and LastPass have seen an escalation in attacks involving leaked API keys and other API secrets. While API key leakage incidents are not new, complicated tech stacks, longer and more complex supply chains, and overstretched engineering teams are resulting in more frequent – and more damaging – attacks.

With Availability on Google Cloud Marketplace, Salt Now Hits the Cloud Trifecta

Today we announced the immediate availability of the Salt Security API Protection Platform on Google Cloud Marketplace and our acceptance to the Google Partner Advantage program! Salt now provides the cloud trifecta, enabling customers to adopt the Salt platform on the AWS Marketplace (followed by the AWS ISV Accelerate Program), on the Microsoft Azure Marketplace, and now on Google Cloud!