Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

Latest News

Developers: Stop exposing your OpenAI API keys

Less than six months ago, artificial intelligence (AI) was largely considered to be in its infancy and primarily used for niche applications, like editing photos and keeping your home at a comfortable temperature. But that’s all changed. Since OpenAI introduced GPT-3.5 in November 2022, the possibilities of generative AI have come to dominate the popular imagination.

Migrating Apollo Codegen to GraphQL Code Generator

GraphQL has become a popular choice for building APIs in recent years. In projects using Typescript and Apollo Client, such as Rubrik’s, it is very helpful to map GraphQL schema to types and interfaces and one of the most popular tools for generating these types and interfaces based on a GraphQL schema is Apollo Codegen.

API Security Testing: Importance, Methods, and Top Tools for Testing APIs

APIs play a significant role in seamlessly integrating applications and services. However, APIs with security vulnerabilities could open doors to cyber attackers and compromise sensitive and confidential data and systems. Therefore, it is imperative to incorporate API security testing into the API development process as early as possible.

The State of the CISO 2023: Navigating Security Challenges Resulting from Today's Digital-first Economy

Salt is thrilled to share the findings from the just-released “State of the CISO 2023” report! We wanted to hear directly from CISOs/CSOs around the world about how digital transformation is impacting their role and understand the biggest challenges – both personal and professional – they’re contending with as a result.

Bearer announces new Board of Advisors

Bearer is extremely proud to announce the formation of the Bearer Board of Advisors, a group of some of the world’s most respected cybersecurity professionals, including several industry-leading CISOs and CTOs. All of our advisors have made major impacts in cybersecurity for their companies, and for the industry at large.

Understanding API Breaches: Insights from 'Outliers' and the Complexities of Cybersecurity

Over the last couple of decades in the cybersecurity industry, I have observed how APIs have gained significant importance in modern cloud-based architectures over the past few decades. In fact, they account for over 80% of all web traffic. However, this increased usage has also made APIs vulnerable to cyber threats. A closer look reveals that APIs are now one of the most prominent threat vectors in the cybersecurity landscape.

CVE-2023-34362 - Zero-Day Vulnerability Discovered in MOVEit Transfer is Exploited in the Wild by Cl0p Ransomeware - Here's What you Need to Know

On May 29, 2023, a critical security vulnerability, identified as CVE-2023-34362, was published, leaving users of MOVEit Transfer software at high risk. According to Progress, organizations have reported possible exploitation in the wild. Therefore it’s crucial that any business using MOVEit Transfer to take immediate action, especially since all versions of this popular file transfer software are affected by this vulnerability.

Salt Announces Bi-directional Integration with Wiz!

We have exciting news to share! Salt Security is building a bi-directional integration with the Wiz cloud security platform! With this announcement, Salt becomes the first API security vendor to build a two-way integration with Wiz, giving Wiz customers the deepest and most actionable insights into API behaviors – all within Wiz’s comprehensive cloud security platform.

Protecting GraphQL APIs from malicious queries

Starting today, Cloudflare’s API Gateway can protect GraphQL APIs against malicious requests that may cause a denial of service to the origin. In particular, API Gateway will now protect against two of the most common GraphQL abuse vectors: deeply nested queries and queries that request more information than they should.