API

The Darkside of GraphQL

Jan 3, 2024 By Datadog In Datadog

GraphQL is a query language for APIs that provides a powerful and efficient way to query and manipulate data. As powerful and versatile as GraphQL is, its downside is that it can be vulnerable to certain security threats. In this presentation, we will discuss the security vulnerabilities associated with GraphQL, from the basics to more advanced threats, and how to best protect against them. After this presentation, attendees will have a better understanding of security vulnerabilities in GraphQL, as well as an understanding of the steps needed to protect against them.

View Video

Datadog

Read more about The Darkside of GraphQL

How to Become Great at API Key Rotation: Best Practices and Tips

Dec 28, 2023 By Guest Expert In GitGuardian

Secret management can be a complex challenge, especially when you are trying to do it in a way that is right for security. Key rotation is a big piece of that puzzle. In this article, we will take you from zero to hero on key rotation.

Read Post

GitGuardian

Read more about How to Become Great at API Key Rotation: Best Practices and Tips

API Management: Using Runtime API Security to Enhance API Lifecycle Processes

Dec 27, 2023 By Jeff Darrington In Graylog

As I look at the range of API Management approaches that are recommended by various analysts, pundits, and vendors, I find it interesting that most don’t really know how to address “security” in the context of API management. In high-level API lifecycle management diagrams securing APIs is rarely called out visually, although it may be addressed briefly in an accompanying paragraph.

Read Post

Graylog

Read more about API Management: Using Runtime API Security to Enhance API Lifecycle Processes

CISO: Top 10 Trends for 2024

Dec 27, 2023 By Wallarm In Wallarm

I recently hosted and moderated a distinguished panel of Chief Information Security Officers (CISOs) - Nitin Raina, CISO at ThoughtWorks, Mike Wilkes, former CISO at Marvel and Yogesh Badwe, CSO at Druva. We discussed major trends for 2024 across an array of topics including the evolving threat landscape, recent regulations, data privacy considerations, securing product and critical infrastructure.

Read Post

Wallarm

Read more about CISO: Top 10 Trends for 2024

Celebrating 50,000 Downloads of Bearer CLI - and what it means!

Dec 21, 2023 By Guillaume Montard In Bearer

Bearer CLI, our free and open code security (SAST) scanner, has now been downloaded over 50,000 times since its launch back in March — this year! Behind this number are represented some key industry trends: Let’s dig in!

Read Post

Bearer

Read more about Celebrating 50,000 Downloads of Bearer CLI - and what it means!

Security with a High Engineer-to-AppSec Ratio: Insights from Jeevan Singh

Dec 12, 2023 By Nipun Gupta In Bearer

Navigating the delicate balance between an expanding number of engineers and the imperative for robust Application Security (AppSec) practices is no small feat. In this interview, we delve into the invaluable perspective of Jeevan Singh, the Director of Security Engineering at Rippling, the #1 workforce management platform. He shares insights and strategies that have allowed him in his career to successfully navigate the intricate maze of security amidst a high engineer-to-AppSec ratio.

Read Post

Bearer

Read more about Security with a High Engineer-to-AppSec Ratio: Insights from Jeevan Singh

Leveraging OpenAPI as a Core Element of API and Application Security

Dec 8, 2023 By Robert Dickinson In Graylog

An application’s attack surface is the sum of all the areas of an application which could be attacked by malicious attackers. This includes the application’s APIs, the underlying code, supporting infrastructure, and any other components which could be compromised. The goal for any organization is to reduce the attack surface area by discovering and minimizing potential vulnerabilities.

Read Post

Graylog

Read more about Leveraging OpenAPI as a Core Element of API and Application Security

Introducing Bearer Assistant

Dec 7, 2023 By Guillaume Montard In Bearer

Artificial Intelligence (AI) is a hot topic these days, especially across the security industry. There's hardly a day when we don't read about its potential to create an impact on our lives, for better or worse. As a security company, we truly believe in the potential of AI, but we didn't want to jump into the deep end without careful consideration as we followed the buzz with a healthy amount of skepticism.

Read Post

Bearer

Read more about Introducing Bearer Assistant

The Ultimate 2024 API Security Checklist

Dec 4, 2023 By Nivedita James Palatty In Astra

The process of protecting web API from attacks and ensuring only authorized access takes place is called API security. In the past six months attacks targeting APIs have increased by 400%. This has resulted in API security becoming a C-level discussion in many companies.

Read Post

Astra

Read more about The Ultimate 2024 API Security Checklist

Bolstering API Security: Introducing Wallarm's API Attack Surface Management (AASM)

Dec 4, 2023 By Wallarm In Wallarm

In the fast-paced digital world, think of Application Programming Interfaces (APIs) as the threads that stitch together the fabric of our tech ecosystems. They're often overlooked, quietly ensuring that your apps communicate seamlessly and keep the digital world running smoothly. The majority of organizations grapple with a common challenge — limited visibility into their public API attack surfaces.

Read Post