Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

September 2024

How Mergers & Acquisitions Are Leaving Your APIs Vulnerable #apiattacks #apimanagement #api

Mergers and acquisitions can expose critical API vulnerabilities, often overlooked due to poor documentation and lack of standardization. Learn about the hidden risks that can lead to delayed incident response and compromised security during M&A processes.

A Maturity Model to Secure Mulesoft Environments

In today’s rapidly evolving digital landscape, where application programming interfaces (APIs) are becoming the backbone of technology infrastructure, the need for robust management and security measures has never been more critical. With the surge in API use and the corresponding increase in threats, protecting Mulesoft environments has become a top priority.

Deep Dive into the Latest API Security Vulnerabilities in Envoy

Envoy has carved out a critical role in cloud-native computing, becoming increasingly prevalent as the default ingress controller for Kubernetes. This high-performance proxy, developed by Lyft and now part of the Cloud Native Computing Foundation’s arsenal, is integral for companies scaling up their Kubernetes deployments. Envoy ensures efficient load balancing, security, and operational agility by managing external access to services within Kubernetes clusters.

70-83% of All Internet Traffic is API Traffic! #api #traffic #internettrends

Did you know that 70-83% of all internet traffic consists of API calls? In today's interconnected world, APIs are the invisible backbone driving your favorite apps, from maps to messaging platforms. This video breaks down the significance of API traffic and how it shapes the way we interact with technology daily. Discover why APIs are more critical than ever and how they power the digital experiences we rely on.

Why Choose a Cloud-Native Approach to Fend Off API Attacks

As organizations adopt a “digital-first” mentality, APIs have essentially become the backbone of modern applications, providing seamless integration between services, platforms, and third-party systems. For businesses, APIs help streamline processes and for consumers, APIs enable smooth and easily accessible digital services. However, an increased reliance on and growing number of APIs has also made them prime targets for cyberattacks.

How to configure Joomla Custom REST API Plugin

The Joomla Custom API plugin lets you create custom APIs to expand the capabilities of the Joomla CMS (Content Management System). By using these APIs you can expose particular features or data from your Joomla website, allowing external programs or services to communicate with your Joomla website. With the help of the custom endpoints you have developed, this plugin offers a smooth method to work with the Joomla database, enabling you to easily carry out CRUD (Create, Read, Update, and Delete) operations.

The Rising Cost of Insecure APIs and Bot Attacks: Global Firms Face $186 Billion in Losses

In the evolving landscape of digital threats, two growing concerns are proving costly for organizations worldwide: insecure APIs and bot attacks. A recent report highlights that these vulnerabilities have escalated dramatically, with global firms suffering financial losses between $94 billion and $186 billion annually. The exponential rise in API adoption, combined with AI-powered bot attacks, has created a perfect storm for cybercriminals to exploit.

Chicago API Security Summit 2024

Earlier this week we had the pleasure of hosting a regional API Security Summit in Chicago (well, actually in Lombard). These summits bring together the local cybersecurity community for a half-day of API Security-focused content, including expert speakers and panelists. While this isn’t the first time we’ve organized an event like this, it was memorable for the quality of content and participants.

The Imperative of API Security in DevOps

Consider a modern software application as a constellation of cities that dot the landscape. These cities are components such as databases, authentication services, business logic engines, and more. Requests travel between components carrying data just as citizens travel between cities carrying their belongings. The highways that connect the cities on this map are your APIs. Cities get the most attention, often receiving the security and protection they need.

Telecom Giants Unite to Revolutionize API Innovation on a Global Scale - Are You Prepared?

In a groundbreaking move, some of the world’s largest telecom operators—América Móvil, AT&T, Bharti Airtel, Deutsche Telekom, Orange, Reliance Jio, Singtel, Telefonica, Telstra, T-Mobile, Verizon, and Vodafone—are partnering with Ericsson to launch a new venture aimed at transforming how network Application Programming Interfaces (APIs) are accessed and used.

AppSentinels Complements Data Security Products

We are in an era of unprecedented connectivity and data growth. Data is being created and shared at the fastest pace ever. Organizations are adding new APIs to facilitate faster exchange of data. For security leaders and practitioners, this presents new and daunting challenges with the massive volume of data and new pathways to oversee, new threats to stay ahead of, and regulatory complexities to navigate. Security leaders must maintain visibility of data, manage user access to data, and enforce strong security and privacy controls.

Why Web Application Firewalls (WAFs) are inadequate against API Attacks

During our various customer interactions, we often discuss how the AppSentinels solution is different compared to a Web Application Firewall (WAF) in protecting against API attacks. The core difference is that the AppSentinels API Security Platform knows the context of what it is protecting, while unfortunately WAFs don't. Let me explain why I am saying this and why this is important.

Application Security for Cloud Native Applications

In the digital age, business leaders see software teams as core to the business and are demanding that they innovate faster in response to market and competitive demands. Organizations are on a path of fast iteration: experimenting with new products or features, gauging customer feedback, adopting or dropping them, and moving on to the next thing. The pace of change is not an option but existential for organizations. Organizations that can adapt will gain market share, and organizations that cannot will cease to exist.

Illusion of Security due to similarities?

In 2019, OWASP released the first version of the API Security Top 10. Like the omnipresent OWASP Top 10, the API Security Top 10 delivers a prioritized list of the most critical application security issues with a focus on the APIs. In this whitepaper, we would like to share an overview of the API Top 10 with comparisons to the OWASP Top 10 for web applications and break any false sense of security by seeing similarities in the list.

Why DAST/IAST products are inadequate against finding API vulnerabilities

During our various customer interactions, customers using Dynamic Application Security Testing (DAST) or Interactive Application Security Testing (IAST) often ask how the AppSentinels solution is different compared to their existing tool. The core difference is that the AppSentinels API Security Platform understands the context of the application it is protecting, while DAST/IAST products unfortunately don't. Let me explain why I am saying this and why this is important.

Fundamentals of GraphQL-specific attacks

Developers are constantly exploring new technologies that can improve the performance, flexibility, and usability of applications. GraphQL is one such technology that has gained significant attention for its ability to fetch data efficiently. Unlike the traditional REST API, which requires multiple round trips to the server to gather various pieces of data, GraphQL allows developers to retrieve all the needed data in a single request.

Protecting APIs of Modern Applications

Application Programming Interfaces (APIs) have become the backbone of modern applications. They enable seamless interaction between different software systems, allowing businesses to innovate rapidly. With the proliferation of APIs comes an increased risk of security vulnerabilities. Ensuring API security is crucial to safeguarding sensitive data, maintaining user trust and protecting the integrity of applications.

How Wallarm API Security Platform Works: Key Features Explained #apisecurity #cybersecurity #api

Get an inside look at how the Wallarm API Security Platform operates to protect your APIs. Learn about its key features, including API Discovery, real-time protection, and traffic analysis, and how it helps you stay ahead of API threats.

Protecting APIs from abuse using sequence learning and variable order Markov chains

Consider the case of a malicious actor attempting to inject, scrape, harvest, or exfiltrate data via an API. Such malicious activities are often characterized by the particular order in which the actor initiates requests to API endpoints. Moreover, the malicious activity is often not readily detectable using volumetric techniques alone, because the actor may intentionally execute API requests slowly, in an attempt to thwart volumetric abuse protection.

Twilio Breach: 33M Phone Numbers Exposed #apiattacks #apisecurity #dataleaks #databreach #twilio

A major security breach at Twilio exposed 33 million phone numbers due to an unauthenticated API. Watch this video to understand the risks and learn essential API security practices to protect your organization from similar threats.

A CISO'S View on Building an API Security Program in 2024

Building a robust API and application security program is essential for security leaders across all industries. However, creating and maintaining an effective security strategy for your APIs and web applications requires: Identifying the right components to build a program that aligns with your business objectives.

Wallarm Innovation Update: Effective API Protection With GraphQL And API Policy Enforcement

With its exceptional ability to improve application flexibility, performance, and user experience, GraphQL is rapidly becoming one of the most widely adopted API protocols, with Gartner predicting that by 2025 it will be implemented by over 50% of enterprises. However, the same flexibility that makes GraphQL such an attractive protocol also makes it susceptible to a variety of unique attacks.

A CISO's View on the State of API Security: Discussing the API ThreatStats Report, Q2 2024

API exploits represent one of the fastest growing threat vectors–a trend that will continue to accelerate as the increasingly AI-driven digital economy grows. Join veteran CISO and application security expert Mike Wilkes and Wallarm’s VP of Product, Tim Erlin, as they discuss the state of API security and where it is heading, drawing upon their extensive industry experience as well as insights drawn from the Wallarm API ThreatStats Report Q2, 2024.

A CISO's Checklist For Securing APIs And Applications

Building a robust API and application security program is a key objective for security leaders in any market. But developing and maintaining an effective security program for your APIs and web applications requires: A deep understanding of the right approach to implementing API and application security.

Step-by-Step Guide to Implementing a News Aggregator API

For any news-based website or application, having access to timely and relevant information is crucial. One way to achieve this is by integrating a News Aggregator API into your platform. In this post, we will provide you with a comprehensive, step-by-step guide on how to implement a News Aggregator API effectively.

API Attack Surface: How to secure it and why it matters

Managing an organization’s attack surface is a complex problem involving asset discovery, vulnerability analysis, and continuous monitoring. There are multiple well-defined solutions to secure the attack surface, such as extended detection and response (EDR or XDR), security information & event management (SIEM), and security orchestration, automation & response (SOAR); despite that, these tools often do not prioritize APIs.