Using ChatGPT to Improve API Security: Open AI & Security

The widespread news surrounding ChatGPT and its alternatives got me thinking about how it may or may not impact API security. Current top-of-mind headlines are those touting an impending doom as a result of ChatGPT taking over our lives. An article that says ChatGPT is bad because it ... Read More

How Security Automation Strengthens API Security

Learn how customers are leveraging security automation to accelerate bot attack response time and improve their API security posture. In effect, customers can fight fire with fire by using automation to block (automated) bot attacks like account takeover, shopping bots and loan fraud. Every IT security professional I know, or ... Read More

API Security in Your Operational Technology (OT)

API security, bot management
Operational technology encompasses supervisory control and data acquisition (SCADA), industrial control systems (ICS), and distributed control systems (DCS). OT can be involved in critical processes that, if breached, could have catastrophic consequences, including loss of life. Water treatment plants, power distribution, traffic management, and other critical infrastructure rely on operational ... Read More

Best Practices for Addressing Log4j and LoNg4j Patching Gaps

Long after the press news and panic surrounding the discovery of Log4j, the Log4Shell exploit and the supply-chain variant dubbed LoNg4j, IT and security teams are still struggling to adopt Log4j best practices for ensuring their servers are patched and protected. To help our customers address this critical need ... Read More

Protecting GraphQL APIs from Exploits

API security, owasp
GraphQL is an open-source query language originally developed by Facebook that can be used to build APIs as an alternative to REST and SOAP. GraphQL has gained popularity since its inception in 2012 because of the native flexibility it offers to those building and calling the API. GraphQL servers and ... Read More

OWASP Top 10 Lists: End State or Starting Point?

owasp
Made popular by television talk-show host David Letterman, an avid application security enthusiast and obsessive list maker, top 10 security lists have driven many organizations’ security programs, giving them a framework for a particular security initiative. In some cases, the lists have been used with tunnel vision, resulting in security ... Read More

API Spyder: Doing the (Seemingly) Impossible

In my role at Cequence, I get to interact with our customers as well as with teams associated directly with product creation, data science and customer support. While sounding trite, these do some amazing and seemingly impossible things, for example: I have witnessed some interesting attacks and creative solutions for ... Read More


How Automated API Attacks Are the Digital Equivalent of Mockingbirds

API security
My Father’s Day plans involved sitting in my hammock, listening to the birds and enjoying the fruits of my labors. Then I heard a curious bird call and decided to see what species it was. The Merlin App is one of my favorite apps for bird identification, it can take ... Read More