The API Security Checklist is a high-level list of best practices for APIs.

It was created by We Hack Purple and contains the following sections: Authentication & Authorization Rate Limiting Throttling CORS Resource Quotas API Gateways Encryption Client Certificates OAut ...

Continue Reading
I’m a fan of the show and I like this book.

The first thing to note is that it's not really a novelization, but rather an adaptation of the series' second season. The story is told in third person from two points of view: Claire Temple (Rosario ...

Continue Reading
API security maturity is improving, but more must be done.

OWASP API Security Top 10 list has not been universally adopted and that there’s still a long way to go before we have secure APIs everywhere. So what can CISOs do to help their organizations improve ...

Continue Reading
Sumo Logic unveiled a suite of tools that provide enterprises with enhanced observability and real-time analytics to measure the performance of their critical infrastructure and applications.

The Continuous Intelligence platform is designed to help DevOps teams monitor, analyze and troubleshoot issues in production environments. It's also intended to be used for security operations by prov ...

Continue Reading
I’m a software developer.

I live in the San Francisco Bay Area, and my interests include programming languages, distributed systems, functional programming, and compilers. I work at Stripe on the infrastructure team. We build ...

Continue Reading
NeuraLegion is a security testing automation platform that helps developers build secure applications.

NeuraLegion provides automated application security testing for APIs, Web Apps and mobile apps. It detects vulnerabilities such as SQL Injection, Cross-Site Scripting (XSS), Command Injection, Path Tr ...

Continue Reading
A curated list of awesome API security tools, resources and other shiny things

A curated list of awesome API security tools, resources and other shiny things https://t.co/m4JpVEZU9W ...

Continue Reading
Excessive Data Exposure is a threat that can be introduced by many things, including error messages that show too much information or even displaying obfuscated information.

In the case of Clubhouse, an API call was made resulting in the token exchange routed through the app vendor servers to establish a connection between users. The information is then sent unencrypted, ...

Continue Reading

Back to Main

Subscribe for the latest news: