
August 2023

National Cybersecurity Strategy Implementation Plan published; Carrots and Sticks

This is the third installment in the National Cybersecurity Strategy series. To read the other two blogs, click here for part 1 and here for part 2. As I was drafting the third installment on the National Cybersecurity Strategy, the National Cybersecurity Strategy Implementation Plan was published. This follow-on document provides greater specificity on detailed actions to be taken. As such, moving forward, the two should be viewed together and assessed as a pair.

Accelerating API Security with Intel & Noname Security

Rick Echevarria, General Manager for Intel Security Center of Excellence and David Thomason, Worldwide Director of Alliances at Noname Security, sit down to discuss the expanding API attack surface, how the two companies are working together to provide next-generation API Security, as well as share their thoughts about the joint roadmap going forward. If you'd like to learn more about the partnership between Intel and Noname Security, please visit one of the following links.

How to Secure Your Financial Services APIs

Todd Hathaway, Solutions Architect, Global FinServ Practice for World Wide Technology (WWT), and Karl Mattson, CISO for Noname Security, sit down to discuss the rapidly expanding API attack surface and what financial services organizations need to do in order to protect themselves from malicious threats. By the time the video is done, you will have a firm understanding of the ramifications of leaving APIs insecure, as well as a set of industry-proven best practices that will help you immediately improve your API security posture.

What is GraphQL?

GraphQL is a query language for APIs that has become increasingly popular among developers working on large-scale web applications. Developed internally at Facebook and open-sourced in 2015, it is positioned as a more flexible alternative to RESTful APIs. The key difference lies in how requests are shaped. With a RESTful API you work against a fixed list of resources and HTTP verbs (methods); each endpoint returns a fixed representation of its resource, so a client that needs only a few fields still receives all of them (over-fetching) or has to call several endpoints to assemble what it needs (under-fetching). With GraphQL the client sends a single query that names exactly the fields it wants, and the server returns only those.

Horizontal vs Vertical Scaling: Which One is Better for APIs?

As the developer community is well aware, demand for application programming interfaces, or APIs, is not static. It usually ebbs and flows over time. For instance, during the holiday season, there could be a significant spike in traffic, requiring more API capacity to handle the increased load. To meet such an increase in traffic, system admins have two choices when it comes to scaling an API. They can go with horizontal scaling, which refers to adding more API instances to a cluster. Or vertical scaling, which means adding to the computing capacity of the machine that supports the API.

What is API Runtime Protection?

API runtime protection is the process of securing APIs as they operate and manage requests during their normal functioning. Blocking runtime API threats requires an understanding of the context of operations for each individual API, including API access, usage, and behavior. In addition, runtime protection should log API traffic, monitor sensitive data access, detect threats, and block or remediate attack vectors.

What is API Discovery?

In order to protect your entire API estate, and your business, you need to be able to discover every API in use, of every type, using automated processes. It is essential to know which APIs you have exposed at all times; building that inventory from your own specifications, code, gateways and traffic is sometimes called an inside-out approach to API discovery. However, it has also become critical to see your APIs as an attacker sees them, by probing what is actually reachable from the internet and which attack vectors it exposes, using an outside-in approach.

What is a Web Application Firewall (WAF)?

A web application firewall, better known as a WAF, is a security control (delivered as an appliance, software, or a cloud service) designed to protect organizations at the application layer. WAFs achieve this goal by monitoring, filtering, and analyzing HTTP traffic between the internet and a web application. Acting as a reverse proxy, a web application firewall shields applications from malicious requests before they reach the application itself.

What is API Management?

Application programming interfaces, or APIs, connect software applications and data sources to one another. Given the breadth of their reach, it’s wise for organizations to engage in proactive API management, which keeps APIs running reliably and securely. API management incorporates many different tasks and processes. It spans API creation and API publishing and continues through the full API lifecycle through retirement. API management also involves monitoring APIs for performance and adherence to service level agreements, or SLAs.

What is penetration testing?

Penetration testing (or pen testing for short) involves performing simulated, fully authorized attacks on a company’s IT infrastructure and network. These attacks seek to exploit the system’s security loopholes. The objective of the tests is to assess the system’s robustness and preparedness against different types of breaches and glean lessons and insights that ultimately serve to strengthen its security even further.

Uncover API Vulnerabilities with Posture Management

API posture management ensures that you put your best foot forward when it comes to API security. It combines API discovery with sensitive data identification and vulnerability detection, so your remediation efforts focus on the most critical APIs first. The ability to identify API vulnerabilities and remediate them quickly allows you to take corrective action before an attack occurs.

How to Detect Suspicious API Traffic

With more and more data exchanged between applications and systems through APIs, or application programming interfaces, it has become crucial to ensure the security and integrity of those interactions. Detecting suspicious API traffic matters because abnormal request patterns, such as bursts of failed authentication, enumeration of object identifiers, or unusual access to sensitive data, are often the first visible sign of an attack on the system and its data.
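The runtime-protection and traffic-detection posts above both come down to the same practical step: look at the request stream per client and flag patterns that do not look like normal use. The following is an added example, not code from the original posts or from Noname Security's product. It runs three simple detections over constructed access-log lines in a hypothetical one-line-per-request format (timestamp, client IP, method, path, status): a request burst inside a sliding window, a high share of 401/403 responses, and enumeration of many distinct numeric object IDs on one path template. The thresholds are assumptions and would be tuned per API.

```python
"""Added example: three detections over constructed API access-log lines.

Assumed (hypothetical) log format, one request per line:
    <ISO-8601 timestamp> <client ip> <METHOD> <path> <status>
"""
import re
from collections import defaultdict
from datetime import datetime

LINE_RE = re.compile(
    r"^(?P<ts>\S+) (?P<ip>\S+) (?P<method>[A-Z]+) (?P<path>\S+) (?P<status>\d{3})$"
)
# A path segment made only of digits is treated as an object identifier.
ID_RE = re.compile(r"/(\d+)(?=/|$)")

# Constructed sample traffic: one normal client, one client walking sequential
# user IDs (some denied, typical of BOLA probing), one client failing logins.
SAMPLE_LOG = "\n".join(
    [
        "2023-08-01T10:00:00Z 198.51.100.7 GET /api/v1/users/1041 200",
        "2023-08-01T10:00:02Z 198.51.100.7 GET /api/v1/orders?user=1041 200",
    ]
    + [
        f"2023-08-01T10:00:{i:02d}Z 203.0.113.5 GET /api/v1/users/{i} "
        f"{403 if i % 3 == 0 else 200}"
        for i in range(1, 7)
    ]
    + [f"2023-08-01T10:01:{i:02d}Z 192.0.2.9 POST /api/v1/login 401" for i in range(25)]
)


def parse(log_text):
    """Parse log lines into event dicts; malformed lines are skipped, not fatal."""
    events = []
    for line in log_text.splitlines():
        m = LINE_RE.match(line)
        if not m:
            continue
        e = m.groupdict()
        e["ts"] = datetime.strptime(e["ts"], "%Y-%m-%dT%H:%M:%SZ")
        e["status"] = int(e["status"])
        bare = e["path"].split("?")[0]
        # Template groups /users/1 and /users/2 under /users/{id}.
        e["template"] = ID_RE.sub("/{id}", bare)
        e["ids"] = [int(x) for x in ID_RE.findall(bare)]
        events.append(e)
    return events


def detect(events, window_s=60, rate_limit=20, min_requests=5, fail_ratio=0.5, enum_min=5):
    """Return (client_ip, rule, detail) tuples. Thresholds are assumed defaults."""
    findings = []
    by_ip = defaultdict(list)
    for e in events:
        by_ip[e["ip"]].append(e)

    for ip, evs in by_ip.items():
        evs.sort(key=lambda e: e["ts"])

        # Rule 1: burst -- peak number of requests inside any window_s span.
        start, peak = 0, 0
        for i, e in enumerate(evs):
            while (e["ts"] - evs[start]["ts"]).total_seconds() > window_s:
                start += 1
            peak = max(peak, i - start + 1)
        if peak > rate_limit:
            findings.append((ip, "burst", f"{peak} requests in {window_s}s"))

        # Rule 2: mostly denied -- credential stuffing or authorization probing.
        denied = sum(1 for e in evs if e["status"] in (401, 403))
        if len(evs) >= min_requests and denied / len(evs) >= fail_ratio:
            findings.append((ip, "auth_failures", f"{denied}/{len(evs)} denied"))

        # Rule 3: enumeration -- many distinct IDs on the same path template.
        ids_per_template = defaultdict(set)
        for e in evs:
            for obj_id in e["ids"]:
                ids_per_template[e["template"]].add(obj_id)
        for tmpl, ids in ids_per_template.items():
            if len(ids) >= enum_min:
                s = sorted(ids)
                sequential = all(b - a == 1 for a, b in zip(s, s[1:]))
                detail = f"{len(ids)} distinct ids on {tmpl}"
                if sequential:
                    detail += " (sequential)"
                findings.append((ip, "enumeration", detail))
    return findings


def run_sample():
    return detect(parse(SAMPLE_LOG))


if __name__ == "__main__":
    for ip, rule, detail in run_sample():
        print(f"{ip:14} {rule:14} {detail}")
```

On the constructed sample, the normal client produces nothing, the ID-walking client trips only the enumeration rule (its denial ratio stays below half), and the login client trips both the burst and auth-failure rules. In a real deployment the same three signals would be computed per authenticated principal as well as per IP, since attackers rotate source addresses far more readily than they rotate stolen tokens.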

Featured Post

How Financial Services Cyber Regulations are Hotting Up For API Security

Financial services firms deploy an increasingly complicated mix of technologies, systems, applications, and processes to serve customers and partners and to solve organisational challenges. Focused heavily on consumer hyper-personalisation, banks are evolving more and more digital assets and services to meet and exceed growing customer experience expectations.

Find All Your APIs with API Discovery

APIs operating without any security controls are just waiting to be exploited. Misconfigurations, suspicious behavior, and cyber attacks may already be occurring without your knowledge. Hackers are on the lookout for APIs that will allow them to access data covertly, providing time to not only extract data, but to explore additional attack vectors.
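The discovery and posture-management posts above describe the same workflow: compare what you believe is exposed (the inside-out view, here an OpenAPI-style path inventory) with what is actually being served (the outside-in view, here observed requests and response samples), then rank what you find by the data it handles. The following is an added example, not code from the original posts or from Noname Security's product. The specification, the observed traffic and the sensitive-data patterns are all constructed for the example; the scoring weights are assumptions.

```python
"""Added example: find shadow APIs by diffing an inventory against observed
traffic, then rank findings by exposed sensitive data (all inputs constructed)."""
import re

# Inside-out view: path templates and methods the team has documented.
SPEC = {
    "/api/v1/users/{userId}": ["GET", "PUT"],
    "/api/v1/orders": ["GET", "POST"],
    "/api/v1/orders/{orderId}": ["GET"],
}

# Outside-in view: (method, path, sampled response body) actually seen on the wire.
OBSERVED = [
    ("GET", "/api/v1/users/1041", '{"id":1041,"email":"ana@example.com"}'),
    ("DELETE", "/api/v1/users/1041", '{"deleted":true}'),  # method nobody documented
    ("GET", "/api/v1/orders/77", '{"id":77,"total":42.0}'),
    ("GET", "/api/v1/internal/export", '{"card":"4111111111111111","ssn":"123-45-6789"}'),
    ("GET", "/api/v2/users/1041", '{"id":1041,"phone":"+1-555-0100"}'),  # version drift
]

EMAIL_RE = re.compile(r"[\w.+-]+@[\w-]+\.[\w.-]+")
SSN_RE = re.compile(r"\b\d{3}-\d{2}-\d{4}\b")
CARD_RE = re.compile(r"\b\d{13,19}\b")
KIND_WEIGHT = {"shadow": 3, "undocumented_method": 2, "documented": 0}  # assumed


def luhn_ok(digits):
    """Luhn checksum, used to keep random long numbers from counting as cards."""
    total = 0
    for i, ch in enumerate(reversed(digits)):
        d = int(ch)
        if i % 2 == 1:
            d = d * 2 - 9 if d * 2 > 9 else d * 2
        total += d
    return total % 10 == 0


def sensitive_kinds(body):
    kinds = []
    if EMAIL_RE.search(body):
        kinds.append("email")
    if SSN_RE.search(body):
        kinds.append("ssn")
    if any(luhn_ok(m) for m in CARD_RE.findall(body)):
        kinds.append("card")
    return kinds


def spec_matchers(spec):
    """Turn '/x/{id}' templates into anchored regexes; literals are escaped."""
    matchers = []
    for tmpl, methods in spec.items():
        parts = re.split(r"\{[^}]+\}", tmpl)
        pat = re.compile("^" + "[^/]+".join(re.escape(p) for p in parts) + "$")
        matchers.append((tmpl, pat, set(methods)))
    return matchers


def classify(spec, observed):
    """Label each observed request and return findings, most critical first."""
    matchers = spec_matchers(spec)
    findings = []
    for method, path, body in observed:
        hit = next(((t, m) for t, pat, m in matchers if pat.match(path)), None)
        if hit is None:
            kind = "shadow"                 # nothing in the inventory matches
        elif method not in hit[1]:
            kind = "undocumented_method"    # known path, unexpected verb
        else:
            kind = "documented"
        kinds = sensitive_kinds(body)
        findings.append({
            "method": method,
            "path": path,
            "template": hit[0] if hit else None,
            "kind": kind,
            "sensitive": kinds,
            "score": KIND_WEIGHT[kind] + len(kinds),
        })
    findings.sort(key=lambda f: -f["score"])  # stable: ties keep observed order
    return findings


if __name__ == "__main__":
    for f in classify(SPEC, OBSERVED):
        print(f"{f['score']} {f['kind']:20} {f['method']:6} {f['path']} {f['sensitive']}")
```

The internal export endpoint, absent from the inventory and returning card and SSN-shaped values, lands at the top; the v2 path shows how version drift alone creates a shadow API; the undocumented DELETE on a known path is the kind of finding that only a method-aware comparison surfaces. Response sampling is deliberately regex-plus-checksum rather than regex alone, because a bare digit pattern flags order totals and timestamps as card numbers.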