Understanding the OWASP API Security Top 10: Why BOLA is the Number One Risk for APIs

Understanding and addressing vulnerabilities is critical in cybersecurity, where APIs serve as the backbone for seamless data exchange. The OWASP API Security Top 10, revised in 2023, provides a comprehensive guide to ...
Out of the kernel, into the tokens

By Max Ammann and Emilio López

Our application security team leaves no stone unturned; our audits dive deeply into areas ranging from device firmware, operating system kernels, and cloud systems to widely ...

Pathlock Announces Release of First-of-its-Kind SAP Cybersecurity Product

Pathlock is pleased to announce the launch and general availability of its Cybersecurity Application Controls (CAC), the first-ever SAP cybersecurity product designed to safeguard business data from breaches and exploitation. This innovative ...
Security experience: top-down vs bottom-up⎥Jeevan Singh (Rippling, Twilio)

Building security training for developers in 2024: Is it really worth it and how to proceed?

Discover the value of developer security training in 2024 and effective strategies for fostering a secure software development culture ...
Why it Pays to Have a Comprehensive API Security Strategy

In an era dominated by digital connectivity and rapid technological advancements, Application Programming Interfaces (APIs) play a pivotal role in facilitating seamless communication and data exchange between diverse software applications. As API ...
How to secure your API secret keys from being exposed?

Learn about the dangers of API secret key exposure and discover our selection of prevention strategies ...
How we applied advanced fuzzing techniques to cURL

By Shaun Mirani

Near the end of 2022, Trail of Bits was hired by the Open Source Technology Improvement Fund (OSTIF) to perform a security assessment of the cURL file transfer command-line ...
Developers and security training: can they co-exist?⎜Laura Bell Main

Today, we’re excited to have an amazing guest, Laura Bell Main, join us. Discover with us: Can developers and security training really co-exist? ...
SAP Exploit Series: Hidden OK Codes

Four Common SAP Vulnerabilities Putting Your Sensitive Data at Risk

SAP applications are sophisticated software solutions tailored to meet the unique requirements of each customer’s business processes and data needs. As a result, managing the security of SAP applications can be equally ...
Threat Detection and Response from Pathlock

Streamlining SAP Threat Detection and Response with Pathlock

SAP customers are encountering increasingly sophisticated internal and external security threats, particularly amid digital transformation initiatives. The complexity of system landscapes within SAP applications magnifies these challenges, exposing organizations to new vulnerabilities ...