API Security Fails

Why API Security Testing Matters – Learning from Tracfone
Let's look at Tracfone's $16 million settlement with the FCC to understand why API security testing matters. The post Why API Security Testing Matters – Learning from Tracfone appeared first on Dana ...

7 Deadly Sins of API Security Testing
Explore the misconceptions and anti-patterns of applying security testing to APIs, and how to address them. The post 7 Deadly Sins of API Security Testing appeared first on Dana Epp's Blog ...

5 mistakes beginners make during app recon
Learn about the five mistakes beginners make during their app recon that limit their ability to find vulns during their API security testing.

From Tsunami to Twitter: How Rigorous API Testing Can Prevent Critical System Outages During Disasters
Restricting emergency alerts during a disaster due to rate limiting is in itself a disaster. Learn how to look for this during your API testing.

That time I broke into an API and became a billionaire
Read an intriguing real-world story about how tainted data and API abuse can lead to the perfect digital bank heist.

Why API hackers should embrace failure
Embrace failure. Explore how mistakes and setbacks can fuel innovation, refine skills, and deepen understanding in the world of API hacking.

Avoiding the Apocalypse: A Guide to Finding Zombie APIs
Learn how to look for those old forgotten zombie APIs that can be a goldmine of vulnerabilities and security loopholes.

Cross-Tenant Data Leaks (CTDL): Why API Hackers Should Be On The LookOut
Learn how to find vulnerabilities in multi-tenant apps and APIs that expose cross-tenant data leaks (CTDL) during your security testing.

Is Offensive AI Going to be a Problem for API Hackers?
Learn the ins and outs of offensive AI and how API hackers can benefit from it.

Why you should never trust PoC exploits on GitHub
Read this to understand why you should never blindly trust proof of concept (PoC) exploits shared on GitHub.