API Attack
API Security Need to Know: Questions Every Executive Should Ask About Their APIs
Using NIST CSF to Rein in your API Footprint: As your digital transformation accelerates, its API volume and usage have accelerated in tandem. It is also very likely that your API security ...
API Security Need-to-Know: Ramifications of Weak API Authentication
In today’s blog, we will discuss the ramifications of unauthenticated APIs using the recently published ZIPNet vulnerability. ZIPNet is an online application operated by Law Enforcement Authorities in India to share Crime ...
I’ve Got 99 Problems and API Visibility Ain’t One of ‘Em
Getting a handle on API Proliferation for the benefit of the broader organization: API proliferation is an issue we hear about from our enterprise customers more and more. For security teams, this ...
OWASP AppSec Training Day: API Attacks Beyond the OWASP API Top 10
There is still time to register for the upcoming OWASP Training Day: API Attacks Beyond the OWASP API Top 10 led by hacker-in-residence Jason Kent. This class is ideally suited for those who ...
APIs: The Next-Frontier in Cyber-Crime
This year is turning out to be the year that kicks every company’s digital transformation into high gear in order to support work-from-home and shelter-in-place restrictions. With such a quick shift to ...
Tales from the Front Lines: Attackers Target APIs with GET-Based ATOs
This blog will describe how account takeovers (ATO) can be executed against APIs using GET methods, as opposed to POST. It’s an excellent example of how bad actors will analyze an application ...
Tales from the Frontlines: Increasingly Sophisticated Cat and Mouse Games
The last Tales from the Frontlines post focused on a single customer and the attack volume increase they experienced following the COVID-19 lockdown. In this installment, we will look at the increasingly ...
Moving Fast Without API Guardrails?
In 1999, Bruce Schneier wrote, “complexity is the worst enemy of security.” Today, I’d argue that speed may be overtaking that top spot or coming darned close. There were two stories published ...
Tales from the Front Lines: Attackers on Lockdown Focus on APIs
While the world is battling a pandemic, our customers are battling an increase in bot activity, as evidenced by traffic and attack patterns over the last four weeks. To an attacker, being ...

