How to Get API Threat Hunting Off the Ground
This is the fourth and final post of our blog series on the importance of API threat hunting - and how to get your own API threat hunting program off the ground. If you haven’t already, check out the other posts in this series: ... Read More
Anatomy of a BOLA Attack – Part 2
In the first post of our blog series on API threat hunting, we explored the technology shifts that are making API threat hunting an essential priority for security leaders. We then followed this up with a real-world example from Uber of how multiple undiscovered API vulnerabilities can be combined with ... Read More
Anatomy of a BOLA Attack – Part 1
In the first post of our blog series on API threat hunting, we reviewed some foundational API security terminology and explored the technology shifts that are making API threat hunting a must-do priority. But often the best way to understand the impact of specific types of API threats is by ... Read More
Why API Threat Hunting is Now Essential
One lesson that many security teams have learned the hard way is that waiting for security incidents to be detected before taking action is no longer good enough. Whether they’ve been affected by targeted attacks, blindsided by global incidents like Log4Shell, or both, many organizations now recognize that proactive threat ... Read More
