The most important thing is to have a good attitude.

If you're having fun, then that's the best way to improve. If you're not having fun, then it's probably time for a change of scenery. I've been playing since beta and I'm still learning new things eve ...

Continue Reading
The following list of security issues is not exhaustive, but it’s a good starting point.

I've included the OWASP category for each issue and also added some examples to illustrate how you could test for them. 1. Sensitive Data Exposure (A3) This is one of the most common problems with we ...

Continue Reading
The tools we use today to protect Web applications and APIs are often ineffective, inefficient, and even counterproductive.

The good news is that there's a better way forward. We can build modern security tools for the decentralized enterprise — but it will take time and effort to get there. The first step is understandin ...

Continue Reading
We’re hosting a webinar on September 21st to discuss the top five API security myths and how you can break through them

We're hosting a webinar on September 21st to discuss the top five API security myths and how you can break through them https://t.co/0wfGbnnJnf ...

Continue Reading
Never use non-null value auth tokens.

#3: APIs Exposing Sensitive Data in Cleartext This is not a new problem, but it has been brought to the forefront of many organizations’ minds after recent high profile incidents. The exposure of se ...

Continue Reading
Gartner just “Created the Category” Gartner has created a new category, API Security.

It is now its own thing – not a subset of WAF or gateway capabilities. The report states: “API security can be implemented as an independent layer that sits between the application and the firewall ...

Continue Reading
The OWASP API Risk List is a great starting point for assessing the security of an API.

However, it could be improved by adding more granular controls and expanding its scope to include other attack vectors such as mobile apps. The Open Web Application Security Project (OWASP) has been ...

Continue Reading
The report, “Transitioning to Web App and API Security” by Enterprise Strategy Group (ESG), shows that organizations are investing more than ever in web app and API security tools.

However, most of these tools fall short of today’s needs. The average organization spends $200K on such tools but sees little return on investment (ROI). Half the alerts generated by these tools are ...

Continue Reading

Back to Main

Subscribe for the latest news: