Many of the businesses that already have revenue-generating web applications are starting an API-first program. Now, old monolithic apps are being broken into microservices developed in elastic and flexible service-mesh architecture. The common question most organizations grapple with is – how to enhance application security designed for web apps to APIs and API security? Protecting APIs against modern cyber threats requires going beyond the traditional solutions.

Regardless of the techniques used, going big, expensive, and glossy – while potentially useful - doesn’t replace the need for a well-reasoned approach to securing assets founded on traditional activities and principles. Innumerable assets are housed behind APIs, and the widespread use of APIs means they are high-profile targets. Securing them is of the utmost importance.

In 2013, hackers breached an HVAC provider’s network, giving them access to 40 million credit and debit card numbers from their biggest client: Target. It took years to repair the damage. Relying on third-party vendors is necessary but still presents a cybersecurity risk. How will the companies handle your clients’ data? How vulnerable are they to being hacked?

The latest Salt Labs State of API Security report is out, and we’re excited to share with you some of the key findings. The security industry news has frequently covered high-profile application programming interface (API) breaches over the past few years, so it’s no surprise that our research found that attackers have upped their activity. Salt Labs analyzed the past year of Salt customer data and found a 400% increase in unique attackers just over the last six months alone.

It’s no exaggeration to say that APIs are the backbone of the modern digital economy. API usage has seen staggering exponential growth over the last two decades with sources like Postman's 2022 State of the API Report illustrating just how embedded APIs are into our modern world. In 2022, the Postman API platform saw 20 million users and over 1 billion API requests created.

We’ve already had the first major API-related cybersecurity incidents for 2023. The T-Mobile API breach exposed the personally identifiable information (PII) of 37 million customers. The API attack had been going on since November but was not discovered and disclosed until January 19, illustrating the threat of the “low and slow” approach of API attacks, which are increasing at a steady pace.

API keys are unique identifiers that enable developers to access and interact with an application's data and services. They act as a bridge between applications, allowing them to share data and functionality. In today's digital world, API keys are increasingly important as they facilitate seamless communication between various applications and services.

The GitGuardian API lets you remediate your secret incidents from any platform you prefer. We are proud to release a new demo application to help you learn how to automate your workflows.

When a consumer opens a bank account, the bank goes through a procedure called bank account verification. It enables all required checks to be made on the account user and the source of their income, successfully stopping illegal activities like money laundering and the financing of terrorism. In this post, we’ll examine how to validate a bank account and its owner, as well as the legal considerations that must be made while validating a client’s bank account.

I’m excited to share the latest evidence of Salt leadership in API security, with two powerful tributes. First – Salt Security has been honored as winning the “Peace of Mind” category during the first-ever Ally Technology Partner Awards! Ally Financial, the nation’s largest digital-only bank and leading auto finance company, highlighted five suppliers for their outstanding service excellence across a broad array of criteria.