API

Harnessing the Magic of API: Turbocharging Business Automation

Oct 27, 2023 By SecuritySenses In SecuritySenses

In the bustling metropolis of the modern digital realm, there's a quiet revolution taking place. Businesses, from local startups to multinational corporations, are embracing an unseen hero that propels them to new heights: the Latenode API. But what is this mysterious force, and why is it setting the business world alight?

Read Post

SecuritySenses

Read more about Harnessing the Magic of API: Turbocharging Business Automation

Announcing beta support for PHP, alpha for Go and Python

Oct 26, 2023 By Guillaume Montard In Bearer

PHP holds the bar as one of the most popular and sought-after technologies for web development. As W3Techs shows, PHP code is running on 76.8% of all websites around the globe. We are very excited to announce that the latest version of Bearer now supports PHP in Beta, with more than 50 rules already available, providing a good level of security risks and vulnerabilities coverage. For the PHP support in this release, we have included a strong focus on the popular Symfony framework.

Read Post

Bearer

Read more about Announcing beta support for PHP, alpha for Go and Python

The growth of APIs attracts Cybercrime: How to prepare against cyber attacks

Oct 24, 2023 By Josh Breaker-Rolfe In Tripwire

Application Programming Interfaces (APIs) have profoundly transformed the internet's fabric. In the pre-API era, digital interactions were limited by siloed systems functioning in isolation. APIs dismantled these barriers by introducing a universal language that diverse applications could comprehend. This linguistic bridge facilitated an unprecedented level of interconnectivity between software entities.

Read Post

Tripwire

Read more about The growth of APIs attracts Cybercrime: How to prepare against cyber attacks

Oh-Auth - Abusing OAuth to take over millions of accounts

Oct 24, 2023 By Aviad Carmel In Salt Security

OAuth (Open Authorization) is one of the fastest adopted technologies in the AppSec domain. From its first introduction in 2006, as an attempt to introduce a standard authorization protocol, it has become one of the most popular protocols for both user authorization and authentication, and it’s being used by almost every major web service and website today. One of the reasons for its huge popularity is its ease of implementation.

Read Post

Salt Security

Read more about Oh-Auth - Abusing OAuth to take over millions of accounts

OAuth security gaps at Grammarly (now remediated)

Oct 24, 2023 By Salt Security In Salt Security

This short video explains how Salt Labs researchers identified several critical security flaws on the popular site - Grammarly. The flaws were found in the site's authentication functionality and could have allowed a malicious attacker to take over user accounts, access profile information, and take actions on behalf of the user. All issues were reported to Grammarly and have been resolved with no evidence of these flaws being actively exploited in the wild. In the research, they also found similar vulnerabilities in Vidio.com and Bukalapak.com.

View Video

Salt Security

API
Security

Read more about OAuth security gaps at Grammarly (now remediated)

Elevating Enterprise API Security with Wallarm for MuleSoft Anypoint Platform

Oct 17, 2023 By Wallarm In Wallarm

In an age characterized by digital transformation, APIs serve as the backbone of modern applications, enabling diverse systems to communicate and share data seamlessly. This widespread API adoption, however, exposes organizations to a considerable attack surface, inviting the attention of cyber adversaries searching for vulnerabilities to exploit.

Read Post

Wallarm

Read more about Elevating Enterprise API Security with Wallarm for MuleSoft Anypoint Platform

2023 OWASP Top-10 Series: Wrap Up

Oct 14, 2023 By Wallarm In Wallarm

Over the past several months, we've taken a journey through the new 2023 OWASP API Security Top-10 list. In the previous 12 weekly posts, we've delved into each category, discussed what it is, how it's exploited, why it matters, and suggested effective protections for each. Now, as we conclude this series, it's time to summarize and offer some practical guidance for security practitioners looking to bolster API security in their organizations.

Read Post

Wallarm

Read more about 2023 OWASP Top-10 Series: Wrap Up

Modern Application & Software Security Roundtable - with Jim Manico & Bearer

Oct 11, 2023 By Bearer In Bearer

Jim Manico, Guillaume Montard, and Nipun Gupta discuss how the application and software security paradigm has changed in 2023, and what technologies like SAST and code security might look like in the future. Recorded on October 9th, 2023.

View Video

Bearer

Read more about Modern Application & Software Security Roundtable - with Jim Manico & Bearer

The Latest Trends in API Security: The 2023 OWASP API Security Top Ten

Oct 10, 2023 By Adam Murray In Mend

The Open Web Application Security Project (OWASP) has published the latest edition of its API Security Top Ten, which was first published in 2019. The Top Ten is a significant daughter list of the OWASP Top Ten, which is one of the most definitive lists of the most severe web application risks. Why is this important? What are its main findings? And what does this mean for application security?

Read Post

Mend

Read more about The Latest Trends in API Security: The 2023 OWASP API Security Top Ten

Bearer Demo | Developer-first SAST Solution | 1-Minute Overview

Oct 10, 2023 By Bearer In Bearer

Discover Bearer in just 60 seconds! Dive into the future of code security with our developer-first SAST solution. Bearer seamlessly integrates with your CI/CD pipeline, ensuring fast, accurate, and super-charged privacy scans for your codebase. Experience the revolutionized potential of SAST that truly understands your security needs. Get ready to redefine what code security can do for you!

View Video