%term

From Cloud to Code: Salt Cloud Connect Now Scans GitHub

Nov 18, 2025 By Eric Schwake In Salt Security

One of our most-loved features is Salt Cloud Connect. In a world of complex deployments, it’s a breath of fresh air: an agentless discovery model that delivers under 10-minute deployment and rapidly gathering API-specific info in cloud platforms. Customers plug it in, and in minutes, not weeks, they get a “traffic-free”, complete inventory of their APIs across AWS, Azure, GCP, Kong, and Mulesoft. This “ease of use” provides a “wow” moment of immediate visibility.

Read Post

Salt Security

Read more about From Cloud to Code: Salt Cloud Connect Now Scans GitHub

Hacked Architecture, Not Code: What is a Business Logic Attack? #businesslogic #cybersecurity

Nov 18, 2025 By Wallarm In Wallarm

Why do hackers ignore your firewalls and clean code? Because they exploit your business logic and application architecture. A Business Logic Attack (BLA) is a sophisticated manipulation that uses your own system's design against you. Learn the key difference between code flaws and architectural exploits.

View Video

Wallarm

Read more about Hacked Architecture, Not Code: What is a Business Logic Attack? #businesslogic #cybersecurity

API Key Security: 7 Enterprise-Proven Methods to Prevent Costly Data Breaches

Nov 14, 2025 By Tiexin Guo In GitGuardian

In this blog, we will navigate through a few enterprise-proven methods to make API key more secure. Read on!

Read Post

GitGuardian

Read more about API Key Security: 7 Enterprise-Proven Methods to Prevent Costly Data Breaches

API Gateway vs. API Security #apisecurity #cybersecurity #architecture #devsecops

Nov 13, 2025 By Wallarm In Wallarm

Your API Gateway Is Not an API Security Solution Confusing API management with API security is a costly and dangerous mistake. An API Gateway is a traffic controller, but it has critical blind spots: It authenticates users but doesn't analyze their behavior for malicious intent. It routes traffic but doesn't inspect payloads for complex attacks. It manages access but can't detect business logic abuse.

View Video

Wallarm

API
Security

Read more about API Gateway vs. API Security #apisecurity #cybersecurity #architecture #devsecops

OWASP Top 10 Business Logic Abuse: What You Need to Know

Nov 12, 2025 By Wallarm In Wallarm

Over the past few years, API security has gone from a relatively niche concern to a headline issue. A slew of high-profile breaches and compliance mandates like PCI DSS 4.0 have woken security teams up to the reality that APIs are the front door to their data, infrastructure, and revenue streams. OWASP recently published its first-ever Business Logic Abuse Top 10 List; a clear indication that the industry is taking API security and all its nuances seriously.

Read Post

Wallarm

Read more about OWASP Top 10 Business Logic Abuse: What You Need to Know

From Model Drift to API Exploitation: The Next Challenge in AI Security

Nov 12, 2025 By A10 Networks In A10 Networks

From Model Drift to API Exploitation: The Next Challenge in AI Security In this clip from "Securing AI Part 4: The Rising Threat of Hidden Attacks in Multimodal AI," Diptanshu Purwar and Madhav Aggarwal summarize why external guardrails are the only sustainable defense against the new wave of AI exploitation. Jamison Utter then sets the stage for the next topic in the series: securing the fundamental protocols and APIs that AI agents rely on.

View Video

A10 Networks

Read more about From Model Drift to API Exploitation: The Next Challenge in AI Security

The Secret Backdoor in Your Firewall... How Attackers Get In WITHOUT Hacking!#cybersecurity#InfoSec

Nov 11, 2025 By Wallarm In Wallarm

Your WAF is Providing a False Sense of Security Improper network configuration can completely nullify the effectiveness of your Web Application Firewall. If attackers can discover your origin server's direct IP address: They can bypass your expensive security controls entirely. Your "internal" services become externally exposed. You have a massive, unknown gap in your defenses. This animation is a clear example of why security doesn't end with buying a tool. Proper integration and a zero-trust mindset are non-negotiable.

View Video

Wallarm

API
Security

Read more about The Secret Backdoor in Your Firewall... How Attackers Get In WITHOUT Hacking!#cybersecurity#InfoSec

API Breaches: Preventing Major Security Blind Spots #cybersecurity #startup #cybersecuritycompany

Nov 10, 2025 By Astra Security In Astra

View Video

Astra

API
Security

Read more about API Breaches: Preventing Major Security Blind Spots #cybersecurity #startup #cybersecuritycompany

The CISO's Checklist: How to Evaluate an API Security Platform

Nov 7, 2025 By Vinugayathri Chinnasamy In Indusface

API Security Evaluation Checklist In the first half of 2025, APIs have emerged as the primary focus for attackers. Unlike traditional broad attacks on websites, threat actors are increasingly exploiting vulnerabilities and launching DDoS attacks on APIs, which are often harder to secure and manage at scale. Key insights from the State of Application Security Report H1 2025.

Read Post

Indusface

Read more about The CISO's Checklist: How to Evaluate an API Security Platform

APIBased JIT Access vs Proxies: Streamlining Secure Cloud Permissions

Nov 6, 2025 By Gabriel Avner In Apono

Breaking down the trade-offs between API integration and proxy gateways for modern access management The way organizations manage access has fundamentally shifted. In the past, infrastructure was mostly static—centralized data centers, long-lived servers, and predictable traffic patterns. You could rely on VPNs, firewalls, and a fixed set of roles in your identity provider. Access paths were clear, and change was infrequent. But that’s no longer the case.

Read Post