If you're having fun, then that's the best way to improve. If you're not having fun, then it's probably time for a change of scenery. I've been playing since beta and I'm still learning new things eve ...
Continue ReadingSeptember 10, 2021
I've included the OWASP category for each issue and also added some examples to illustrate how you could test for them. 1. Sensitive Data Exposure (A3) This is one of the most common problems with we ...
Continue ReadingSeptember 10, 2021
The good news is that there's a better way forward. We can build modern security tools for the decentralized enterprise but it will take time and effort to get there. The first step is understandin ...
Continue ReadingSeptember 10, 2021
We're hosting a webinar on September 21st to discuss the top five API security myths and how you can break through them https://t.co/0wfGbnnJnf ...
Continue ReadingSeptember 10, 2021
#3: APIs Exposing Sensitive Data in Cleartext This is not a new problem, but it has been brought to the forefront of many organizations minds after recent high profile incidents. The exposure of se ...
Continue ReadingSeptember 10, 2021
It is now its own thing not a subset of WAF or gateway capabilities. The report states: API security can be implemented as an independent layer that sits between the application and the firewall ...
Continue ReadingSeptember 10, 2021
However, it could be improved by adding more granular controls and expanding its scope to include other attack vectors such as mobile apps. The Open Web Application Security Project (OWASP) has been ...
Continue ReadingSeptember 10, 2021
However, most of these tools fall short of todays needs. The average organization spends $200K on such tools but sees little return on investment (ROI). Half the alerts generated by these tools are ...
Continue ReadingSeptember 10, 2021
Back to Main