Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

API

Gaining Security Context with API Session Data

Nov 6, 2024 By Wallarm In Wallarm
API attacks don't always occur in a single request, and more sophisticated attacks require additional context. Whether it's account takeover or scraping, understanding the behavior of an attacker across a session is key to accurate detection and effective investigation. Today, organizations often lack the ability to delve into the details of specific API sessions. Data is spread across multiple tools, or simply unavailable. The Wallarm platform allows users to seamlessly navigate between attack detections and the surrounding session data to fully understand the behavior and interactions involved.
View Video
salt security

API Security: The Non-Negotiable for Modern Transportation

Nov 5, 2024 By Eric Schwake In Salt Security
The transportation sector is undergoing a digital revolution, from railways to aviation and trucking. APIs are at the heart of this transformation, particularly for airlines. Airlines utilize APIs to integrate internal systems with vital services such as booking platforms, check-in services, real-time flight updates, communication with customs agencies, and baggage handling.
Read Post
wallarm

Attackers Abuse DocuSign API to Send Authentic-Looking Invoices At Scale

Nov 4, 2024 By Wallarm In Wallarm
In a concerning trend, cybercriminals are leveraging DocuSign's APIs to send fake invoices that appear strikingly authentic. Unlike traditional phishing scams that rely on deceptively crafted emails and malicious links, these incidents use genuine DocuSign accounts and templates to impersonate reputable companies, catching users and security tools off guard.
Read Post
salt security

Securing APIs in Retail: Safeguarding Customer Data

Oct 31, 2024 By Alexandria Nicosia In Salt Security
The retail industry’s digital transformation has made secure APIs essential to modern operations since they are at the core of this shift. APIs power everything from e-commerce platforms and mobile shopping apps to inventory management, point-of-sale systems, and personalized customer experiences. They help retailers stay agile in a fast-paced market by enabling seamless data exchange and streamlining processes.
Read Post
salt security

Salt Security and Dazz: A Powerful Partnership for API Security

Oct 30, 2024 By Eric Schwake In Salt Security
As organizations adopt more modern application strategies, APIs are increasingly important for enabling seamless communication and data exchange. However, this interconnectedness also introduces more significant security risks. APIs are gateways to sensitive information, making them prime targets for attackers. This can result in data breaches, business disruptions, and reputational damage.
Read Post
wallarm

How to Mitigate the Latest API Vulnerability in FortiManager

Oct 30, 2024 By Wallarm In Wallarm
Recently, a critical API vulnerability in FortiManager (CVE-2024-47575) was disclosed. Certain threat actors exploited it in the wild to steal sensitive information containing configurations, IP addresses, and credentials used by managed devices. In advanced notification emails, Fortinet warned its users of the vulnerability and mitigation steps. The vulnerability has a critical severity rating of 9.8 out of 10.
Read Post
salt security

Lessons from the Cisco Data Breach-The Importance of Comprehensive API Security

Oct 29, 2024 By Eric Schwake In Salt Security
In the wake of Cisco’s recent data breach involving exposed API tokens - amongst other sensitive information - the cybersecurity community is reminded once again of the significant risks associated with unsecured APIs. Though Cisco has asserted that the damage was limited to a public-facing environment, such breaches demand a more cautious evaluation. Exposing sensitive information like API tokens, credentials, and even source code can have broader security implications than initially apparent.
Read Post
salt security

Prescribing Strong API Security: A Lifeline for Healthcare Data

Oct 25, 2024 By Eric Schwake In Salt Security
In 2024, healthcare organizations face heightened security challenges, mainly as they increasingly rely on Application Programming Interfaces (APIs) to support critical functions. APIs have become indispensable in driving digital transformation and improving operational efficiencies across healthcare systems. However, the rising complexity and volume of APIs, alongside insufficient security practices, have created a vulnerable environment ripe for exploitation.
Read Post
wallarm

Reducing False Positives in API Security: Advanced Techniques Using Machine Learning

Oct 25, 2024 By Wallarm In Wallarm
False positives in API security are a serious problem, often resulting in wasted results and time, missing real threats, alert fatigue, and operational disruption. Fortunately, however, emerging technologies like machine learning (ML) can help organizations minimize false positives and streamline the protection of their APIs. Let's examine how.
Read Post

Copyright © 2024 OpsMatters™. All rights reserved.