APIs are an increasingly common target for hackers, and many organizations don’t even know how many APIs they have or what permissions they hold.

The post Top 10 API security testing tools appeared first on CSO Online Security Blog | CSO https://t.co/yPBRsq7rwg ...

Continue Reading
I’m a software engineer, and I’ve been working on this project for about 6 months.

It's not finished yet, but it's getting there! The game is playable right now (see the demo video above), but there are still some bugs to fix and features to add before it can be considered "done". ...

Continue Reading
The Peloton API lacked any authentication.

Any user or attacker with Internet access could query the APIs directly and obtain volumes of PII. Broken object level authorization Once an attacker had discovered the endpoint URL, they still nee ...

Continue Reading
API security is a hot topic, but it’s not just about protecting the API itself.

It's also about protecting the data that flows through your APIs. The most common way to do this is with access control lists (ACLs). ACLs are rules that determine who can see and use an API, as well ...

Continue Reading
The API Economy is growing rapidly, and enterprises are increasingly adopting an API-first strategy.

As a result, security testing of APIs has become a critical component of the overall enterprise risk management program. In this webinar we will discuss:  What is needed to mature your security testi ...

Continue Reading
The game is fun, but the community is not

The game is fun, but the community is not https://t.co/TYNWIwsyl8 ...

Continue Reading
The API security landscape is changing.

The new application attack surface, the need for speed and agility, and the rise of cloud computing are all driving a fundamental shift in how we think about protecting APIs. The post 5 Common Securi ...

Continue Reading
The number of APIs in use is growing, and they are increasingly targeted by attackers.

The good news is that there are tools available to help organizations test their APIs for vulnerabilities and excessive permissions. These tools can be used both before deployment and after production ...

Continue Reading

Back to Main

Subscribe for the latest news: