Meet Vespasian. It Sees What Static Analysis Can’t.

Praetorian is excited to announce the release of Vespasian, a probabilistic API endpoint discovery, enumeration, and analysis tool. Vespasian watches real HTTP traffic from a headless browser or your existing proxy captures ...
The Paradox of Disabling GraphQL Introspection: Lessons from the Parse Server GraphQL API vulnerability

Last week, the security community was alerted to a vulnerability in Parse Server GraphQL API, which allowed public access to the GraphQL schema without requiring a session token or the master key ...
Ghostwriter ❤ Tool Integration

Incorporating new components into existing systems is such a pain that the process has been labeled “Integration Hell”. To ease tool integration, Ghostwriter v3.0.0 shipped with a GraphQL API. This API allows outside ...

GraphQL Vulnerabilities and Common Attacks: Seen in the Wild

In our previous blog, we provided an overview of GraphQL security, along with details and examples of common attacks. Building on that foundation, this blog will take a closer look at real-world ...
The State of GraphQL Security 2024

Insights from 13,000 GraphQL API issues: Read our deep dive into the current state of GraphQL security ...
How to secure GraphQL?

How to secure GraphQL APIs: challenges and best practices

Dive into the complexities of securing GraphQL APIs and common vulnerabilities and learn best practices for enhancing GraphQL security ...

Noname Security Expands API Security Platform

Noname Security has updated its platform for securing application programming interfaces (APIs) to make it possible to discover them in seconds and then automatically remediate vulnerabilities when discovered. In addition, Noname API ...
Security Boulevard

Salt Security Report Surfaces GraphQL API Vulnerabilities

Salt Security today released a report highlighting a vulnerability its researchers discovered in an application programming interface (API) based on the GraphQL specification implemented by an undisclosed financial services firm. Michael Isbitski, ...
Security Boulevard