Today we announced the general availability of Active Testing V2, our flagship API security testing solution, and an integral part of the Noname API Security Platform. The more API security defects we can catch during development, the cheaper and more efficient our applications become. So-called shifting left has a profound effect on security if done right. Over 85% of defects, including security issues, are created in development, mainly during the initial coding phase.

Continuing a review of the new National Cybersecurity Strategy, today I look at the second pillar, Disrupt and Dismantle Threat Actors. It’s heavy on collaboration, information sharing, and integrated response, and lays out five objectives that, on the surface, make sense: However, reading through the specifics of the five objectives, I see major challenges in achieving some of these. I’ll only address a few underlying issues in order to keep this more manageable.

Avord, a cybersecurity services and solutions organization based in the UK, is working with API security pioneer, Noname Security, to deliver API security reconnaissance as a service.

The Open Web Application Security Project (OWASP) is a global non-profit organization dedicated to improving the security of software. The OWASP foundation first released a list of the top 10 security risks faced by APIs in 2019. Although 4 years is an extremely long time when it comes to computing, the fact remains that most organizations are still in the process of putting better API security controls in place to protect against the 2019 Top 10.