Tag: api

March 31, 2023

Intruder updates its cloud-based vulnerability management service, allowing organisations of all sizes to secure their APIs by automatically detecting vulnerabilities, gaps, security weaknesses, and misconfigurations that hackers can exploit. As more organisations build APIs to facilitate automation, attack surfaces are […]

March 8, 2023

After combing through 350,000 reports to find 650 API-specific vulnerabilities from 337 different vendors and tracking 115 published exploits impacting these vulnerabilities, the results clearly illustrate that the API threat landscape is becoming more dangerous, according to Wallarm. Researchers came […]

February 22, 2023

Enterprises looking to modernize their APIs are increasingly switching from the REST architecture to the open-source data query and manipulation language GraphQL. While the transition makes sense – GraphQL is more flexible, scalable, and easier for developers to use – […]

February 2, 2023

When it comes to attacks against application programming interfaces (APIs), the building blocks that provide access to many of our applications, the OWASP API Top Ten is seen as definitive – and rightly so. Compiled in 2019 based on a […]

January 23, 2023

Wallarm has launched the Wallarm API Leak Management solution, an enhanced API security technology designed to help organizations identify and remediate attacks exploiting leaked API keys and secrets, while providing on-going protection against hacks in the event of a leak. […]

January 20, 2023

Cybersecurity professionals are frustrated over how much time and attention they must devote to API security and worried that their defenses still need to be improved, according to Corsha. Researchers recently surveyed over 400 security and engineering professionals to learn […]

December 21, 2022

At a surface level, APIs help businesses to connect applications and share data with one another. This creates an easier, more seamless experience for customers and users. If you have ever used your Google account to log into multiple sites […]

November 1, 2022

Synack launched an API pentesting capability powered by its global community of elite security researchers. Organizations can now rely on the Synack platform for continuous pentesting coverage across “headless” API endpoints that lack a user interface and are increasingly exposed […]

October 20, 2022

More than 9 in 10 financial sectors accept that open banking is vital to their organization. The demand for fast, hassle-free, and personalized banking and financial services among customers is driving the rapid adoption of open banking. However, nearly 50% […]

September 28, 2022

It’s hard to write good API specifications, and since most API gateways use them as IAC, they should be carefully checked for common mistakes. Writing an API that sticks to the original design is extremely difficult, and it must be […]

September 22, 2022

Noname Security announced the findings from its API security report, “The API Security Disconnect – API Security Trends in 2022”, which revealed a rapidly growing number of API security incidents, concerning lack of API visibility, and a level of misplaced […]

July 7, 2022

A cryptocurrency wallet service provider serving more than 2 million users worldwide and managing about $3 billion worth of Bitcoin was found to contain API vulnerabilities tied to how external authentication logins were implemented. The bugs are fixed, but the […]

April 5, 2022

With the growth in digital transformation, the API management market is set to grow by more than 30% by the year 2025 as more businesses build web APIs and consumers grow to rely on them for everything from mobile apps […]

January 18, 2022

Researchers at browser identification company FingerprintJS recently found and disclosed a fascinating data leakage bug in Apple’s web browser software. Technically, the bug exists in Apple’s open source WebKit browser engine, which means it affects any browser that relies on […]

December 16, 2021

Protecting mobile applications and APIs against automated threats is a top priority for online commerce businesses, according to data from a study published by DataDome. Conducted by Forrester Consulting, this survey of online commerce companies evaluates the main impacts that […]

September 21, 2021

The increase in cloud adoption is driving the need for agile application security. According to Radware’s The State of Web Application and API Protection report, 70% of web applications now run in cloud environments, while 76% of organizations have accelerated […]

September 2, 2021

There are two essential elements driving progress in today’s digital-first economy: Mobile applications and the application programming interfaces (APIs) that allow those applications to communicate and exchange data with each other. The growth in these two technologies has exposed users […]

July 23, 2021

After more than 20 years in the making, now it’s official: APIs are everywhere. In a 2021 survey, 73% of enterprises reported that they already publish more than 50 APIs, and this number is constantly growing. APIs have crucial roles […]

May 28, 2021

Contrast Security announced the findings of a report based on a comprehensive survey of development, operations, and security professionals and executives at enterprise-level financial services institutions. The report explores the state of application security at these organizations, and the findings […]

March 29, 2021

Email spoofing is a growing problem for an organization’s security. Spoofing occurs when a hacker sends an email that appears to have been sent from a trusted source/domain. Email spoofing is not a new concept. Defined as “the forgery of […]