%term

This API Security Mistake Could RUIN Your Business #apitesting #hacking_or_secutiy #apisecurity

Sep 9, 2025 By Wallarm In Wallarm

Testing your APIs after deployment is one of the biggest mistakes teams make. By the time vulnerabilities are discovered in production, the risk is higher, fixes take longer, and attackers may already exploit them. In this short clip from our API Security webinar, we explain why “shift-left” testing — securing APIs before deployment — is critical to prevent breaches.

View Video

Wallarm

API
Security

Read more about This API Security Mistake Could RUIN Your Business #apitesting #hacking_or_secutiy #apisecurity

Would You Like Data Leaks With That?

Sep 8, 2025 By Michael Callahan In Salt Security

It’s been a rough few weeks for burger chains. First, McDonald’s McHire chatbot was caught serving up candidate data through insecure APIs. Then Restaurant Brands International (RBI), home of Burger King, Tim Hortons, and Popeyes, had its APIs flame-broiled by attackers who discovered they could generate tokens without authentication, escalate privileges, and even eavesdrop on live drive-thru audio. When APIs become the secret sauce, leaving them unprotected is a recipe for disaster.

Read Post

Salt Security

Read more about Would You Like Data Leaks With That?

Securing Third-Party EHR Integrations: Best Practices

Sep 8, 2025 By SecuritySenses In SecuritySenses

Electronic Health Records (EHR) have become the backbone of modern healthcare, enabling providers to deliver coordinated, data-driven, and efficient care. Yet, as practices increasingly rely on third-party integrations-whether for billing, analytics, telehealth, or patient engagement-security becomes a pressing concern. A poorly secured integration can expose sensitive patient information, create compliance risks, or even compromise entire networks.

Read Post

SecuritySenses

Read more about Securing Third-Party EHR Integrations: Best Practices

From Prompt Injection to a Poisoned Mind: The New Era of AI Threats

Sep 4, 2025 By Eric Schwake In Salt Security

In our last post, we introduced the Model Context Protocol (MCP), the "brain" or "mission briefing" that guides an AI agent's actions. Most security teams are just getting familiar with prompt injection, the equivalent of tricking an AI with a single, misleading command. But that's like stopping a pickpocket at the door when a master spy is already inside, rewriting the mission plans. As AI agents become autonomous, the attacks become more profound.

Read Post

Salt Security

Read more about From Prompt Injection to a Poisoned Mind: The New Era of AI Threats

Data Rejection and API Best Practice #cybersecurity

Sep 4, 2025 By Mend In Mend

Mend.io, formerly known as Whitesource, has over a decade of experience helping global organizations build world-class AppSec programs that reduce risk and accelerate development -– using tools built into the technologies that software and security teams already love. Our automated technology protects organizations from supply chain and malicious package attacks, vulnerabilities in open source and custom code, and open-source license risks.

View Video

Mend

Read more about Data Rejection and API Best Practice #cybersecurity

Astra API Security Platform Slams the Backdoor on API Cyberattacks

Sep 3, 2025 By Astra In Astra

A new API security solution delivers real-time visibility and automated pentesting to secure zombie and undocumented APIs before attackers can exploit them.

Read Post

Astra

Read more about Astra API Security Platform Slams the Backdoor on API Cyberattacks

The Full Lifecycle Imperative: Why "Shift Left" Must Meet "Shift Right"

Sep 3, 2025 By Eric Schwake In Salt Security

In this series, we examined the vital connection between AI and APIs, highlighting what makes a leader in the API security market through the 2025 KuppingerCole Leadership Compass. Now, we turn to the core strategy of true API security: the full-lifecycle approach, where security is a continuous, integrated process rather than a single action.

Read Post

Salt Security

Read more about The Full Lifecycle Imperative: Why "Shift Left" Must Meet "Shift Right"

Reflecting on Wallarm's Journey: Growth, Resilience, and What Comes Next

Sep 3, 2025 By Ivan Novikov and Stepan Ilyin In Wallarm

When we started Wallarm, we focused on the APIs that power modern apps. We built an API-first platform, used AI from day one, and secured early patents in behavior-based detection and automated policy creation. The result: real-time, inline blocking with automatic API discovery that protects production, not just dashboards. Today’s investment isn’t only fuel for innovation—it’s proof of enterprise recognition.

Read Post

Wallarm

Read more about Reflecting on Wallarm's Journey: Growth, Resilience, and What Comes Next

The API Security Dilemma: Why Traditional Approaches Are Failing in the AI Era

Sep 3, 2025 By Wallarm In Wallarm

Throughout the past few years, APIs have become the backbone of digital infrastructure. They enable software-to-software communication, improve integration and interoperability, support modular architecture, and more. But as API use has exploded, so has API traffic volume and complexity, making them increasingly difficult to secure. And the rise of AI agents and automation have complicated matters further. The result? APIs have become a favourite attack vector for cybercriminals.

Read Post

Wallarm

Read more about The API Security Dilemma: Why Traditional Approaches Are Failing in the AI Era

Introducing Dynamic API Scanning

Sep 2, 2025 By Detectify In Detectify

Application environments are more complex than ever, with APIs forming the critical connective tissue. But this proliferation has created a vast, often invisible, attack surface. Security teams are caught in a difficult position: compliance frameworks like PCI and SOC 2 demand API scanning, but offer little guidance. Meanwhile, you’re grappling with incomplete API inventories, and the market is a confusing mix of expensive, hard-to-instrument niche tools.

Read Post