On May 29, 2023, a critical security vulnerability, identified as CVE-2023-34362, was published, leaving users of MOVEit Transfer software at high risk. According to Progress, organizations have reported possible exploitation in the wild. Therefore it’s crucial that any business using MOVEit Transfer to take immediate action, especially since all versions of this popular file transfer software are affected by this vulnerability.
Today, we're pleased to announce a new approach to help teams manage application code security at scale supercharged with deep sensitive data context, and ship trustworthy products faster.
We have exciting news to share! Salt Security is building a bi-directional integration with the Wiz cloud security platform! With this announcement, Salt becomes the first API security vendor to build a two-way integration with Wiz, giving Wiz customers the deepest and most actionable insights into API behaviors – all within Wiz’s comprehensive cloud security platform.
Starting today, Cloudflare’s API Gateway can protect GraphQL APIs against malicious requests that may cause a denial of service to the origin. In particular, API Gateway will now protect against two of the most common GraphQL abuse vectors: deeply nested queries and queries that request more information than they should.
Bearer CLI's CI/CD integration with GitLab is a great way to add security scanning to your projects. We've taken things a step further and now support GitLab's SAST security scanner integration directly in GitLab CI for GitLab Ultimate users. This feature is available in Bearer CLI v1.9.0 and later. See our upgrade guide for your platform. Let’s dive into how it works.
It’s hard to be in the realm of technology and not hear about APIs these days. Whether it’s the launch of the ChatGPT API or news of a significant data breach at Twitter, APIs are having their time in the spotlight. Yet, despite their ubiquity, many still have questions about APIs' capabilities (and limitations). What are APIs for? What do they do? And what are they unable to do in the current era?
APIs power today’s digital economy and enable organizations to succeed in their business innovation efforts. Because every company’s APIs are unique, so are its security gaps, which bad actors will inevitably try to exploit. Only through rich context and deep behavioral analysis can these attackers be stopped. Many of the APIs that enable today’s applications and business services live and breathe within the Amazon Web Service (AWS) ecosystem.
The Open Web Application Security Project (OWASP) is a non-profit foundation devoted to web application security. One of OWASP's guiding principles is that all of their resources should be freely available and simple to find on their website, enabling anyone to increase the security of their own web applications. They provide forums, tools, videos, and documentation among other things.