Don’t use access tokens for authentication.

API #3: Excessive Data Exposure

The third vulnerability is excessive data exposure, which happens when an API exposes too much information about users or resources. This can be a big problem because ...

APIs are the new frontier for security.

To protect your APIs, you need to understand how they work and what makes them vulnerable. You also need to know which threats can target them and how to prevent attacks from happening in the first pl ...

... not only a threat to the security of your organization, but also to the performance and availability of your applications.

The issue is that bots are hard to detect because they mimic human behavior. They can be programmed to make requests at random intervals or in bursts, which makes it difficult for traditional security ...

The book is an excellent introduction to the topic, and I highly recommend it.

The first thing that struck me about this book was its size: at just over 200 pages, it’s a very quick read. It covers all of the basics in great detail, but doesn’t get bogged down with unnecessary ...

I’m not a fan of this book.

I don’t recommend it to anyone, and I won’t be reading the sequels https://t.co/DFUzRoaabK ...

Use OAuth2 for SSO with OpenID Connect.

If you’re building a web API, it’s likely that your users will need to access the API from multiple devices and browsers. It would be inconvenient if they had to log in every time! Instead, you can ...

We’re using the OWASP Top 10 as a baseline to help you identify and mitigate API threats.

We've all heard about the importance of securing web applications, but what about APIs? Application Programming Interfaces (APIs) are an increasingly common way for developers to interact with each ot ...

We’re hiring

We're hiring https://t.co/rQEw2uYXzW ...
