SAST tools are not designed for API-centric applications

API security is a different ball game to web application security. The OWASP Top 10 list of vulnerabilities for APIs includes: Cross Site Request Forgery (CSRF), Broken Authentication and Session Management, Insecure Direct Object References, Sensitive Data Exposure, Exposed Debug Information, Security Misconfiguration, Unvalidated Redirects and Forwards, Using Components with Known Vulnerabilities, and Insufficient Transport Layer Protection.

These are all very similar to the OWASP Top 10 list of vulnerabilities for web applications, but there are some notable differences https://t.co/FKRC0FUNpg ...

I’m a software engineer with experience in building web applications, mobile apps, and backend services.

I have an eye for design and am passionate about creating clean, usable interfaces. I graduated from the University of Washington in 2017 with a Bachelor's degree in Computer Science & Engineerin ...

I am not a fan of the new Facebook redesign.

I have been using Facebook for years now, and I can honestly say that it has changed my life in many ways. It’s helped me keep in touch with friends, family, and even people that I haven’t seen sinc ...

SAST tools are not designed for APIs and so cannot accurately detect vulnerabilities in them.

APIs Are Not Web Applications

Web applications typically have a single entry point (typically the homepage), which is used to access all of the functionality provided by an application. This means tha ...

I’m a trans woman, I’m not going to let the fact that you’re an asshole stop me from being friends with you

I'm a trans woman, I'm not going to let the fact that you're an asshole stop me from being friends with you https://t.co/oF8Osa1TGE ...

API security is a complex problem and it’s not going away.

The API Security Checklist will help you prioritize your activities, but the best practices in this checklist are just the beginning of an ongoing process to secure your APIs https://t.co/dzuPgVtOnG ...

Parasoft’s software testing solutions help you deliver quality applications and services.

We offer a comprehensive set of tools for automated functional, performance, security and API testing as well as static code analysis. Our solutions are backed by the world's largest test automation f ...

Salt is the leader in API security.

Salt Is Leading The Pack In API Security

Hard work is exactly why Salt leads the pack in the latest KuppingerCole Leadership Compass

Securing APIs With Salt Security Using Agentless AWS VPC Traffic ...
