
API

Wallarm Platform Demo: Using the Settings Menu

Take a quick tour of our End-to-End API Security dashboard. Discover all the APIs in your portfolio, the associated risks from OWASP Top-10 threats like Injections and BOLA, and sensitive data flows. Prevent API Abuse from Bots and DoS attacks. Find and block leaked API secrets like API keys, credentials, tokens and more. Set triggers and integrate into your existing workflow.

Wallarm Platform Demo: API Discovery & API Posture Management

Learn how to discover all the APIs in your portfolio, based on actual traffic instead of relying on schemas, including internal and external-facing endpoints, so you can protect them against OWASP Top-10 threats like Injections and BOLA, ensure sensitive data are protected against unintentional or malicious disclosure, and much more.

API Security 101: Understanding the Risks and Implementing Best Practices

API security is the process of securing both the APIs an organization owns and the external APIs it uses, by implementing API-specific security strategies. It addresses API vulnerabilities and misconfigurations and prevents their exploitation by attackers. It mitigates a wide range of API security threats and helps manage the risks associated with APIs.

Being with the "best of the best" as a YC Top Company

Salt has long benefited from the unique support that comes from being part of the Y Combinator accelerator program (Salt was in the Winter 2016 batch), and all these years later, we’re thrilled to have been named to not one but two of YC’s Top Company lists – the Top Private YC companies 2023 and the YC Breakthrough Companies 2023. For the Top Private list, it’s deja vu all over again, since we made that list last year as well.

OAuth security gaps at Booking.com (now remediated)

This short video explains how Salt Labs researchers identified several critical security flaws on the popular travel site Booking.com. The flaws were found in the site's authentication functionality and could have allowed a malicious attacker to take over user accounts, access profile information, and take actions on behalf of the user such as booking or canceling reservations and ordering transportation services.

Traveling with OAuth - Account Takeover on Booking.com

OAuth (Open Authorization) is a modern, open authorization standard designed to allow cross-application access delegation – for example, allowing your application to read data from your Facebook profile. Combined with the proper extensions, OAuth can also be used for authentication – for example, to log into your application using Google credentials. Since its first introduction in 2006, OAuth has gained tremendous popularity.

Sponsored Post

How to integrate continuous API fuzzing into the CI/CD?

API security is a growing concern for businesses that offer or consume APIs. APIs, or application programming interfaces, allow different software systems to communicate and exchange data. They allow businesses to build integrations and connect with partners, customers, and other stakeholders. However, as more sensitive data is being shared through APIs, it is essential to ensure that these interfaces are secure and protected from unauthorized access or manipulation. In this blog post, we'll discuss how continuous fuzzing can be a powerful tool to secure APIs and how developers can adopt a "secure by default" approach by integrating continuous fuzzing into SDLC processes.

API Security for AI Driven SaaS Companies & Security Daily Gym | Kashi (Co-Founder & CTO Fitbots)

In this podcast, Kashi (Co-founder & CTO, Fitbots OKRs) discusses with Venky how AI-based SaaS organizations can secure their APIs with the help of dynamic endpoints. He also talks about his life as a CTO, where he spends only a short time on security but still maintains the highest security standards with the help of a Daily Security Gym! With 15+ years of corporate experience, he has followed some consistent security practices over the years and discusses them in detail.