Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

API

How to Use MITRE ATT&CK to Mitigate API & Other Attacks?

With a threat landscape expanding at an accelerated pace, it is next to impossible for any organization to even keep track of and monitor the volume, frequency, complexity, and breadth of the attack techniques and tactics out there. But to effectively tackle threats and protect mission-critical assets, the knowledge of these common attack techniques, tactics, detection, and mitigation is critical. This is where MITRE ATT&CK is especially useful.

Secure cloud-native apps and APIs at the speed your business demands

Securing cloud-native apps require advanced tooling. Learn why Synopsys earned the highest score for the cloud-native app use case in Gartner’s latest report. The cloud-native development model entered the mainstream in the recent years, with technologies such as microservices and serverless computing, containers, APIs, and infrastructure-as-code (IaC) at the forefront of this trend.

CVE-2022-3172 - kube-apiserver can allow an aggregated API server to redirect client traffic to any URL

A new vulnerability was reported on Sep 16th in kube-apiserver that allows an aggregated API server to redirect client traffic to any URL. As a result, the client may perform unexpected actions and share the API server credentials with third parties. The aggregated API server extension in Kubernetes API server enables users to extend API server with alternative objects and paths.

Directory Sharing in a Web-Based RDP Client Using the File System Access API

Remote Desktop Protocol (RDP) is a protocol developed by Microsoft which at its core is designed to give users a graphical interface to a remote Windows computer over a network connection. The remote Windows machine runs an RDP server, while the local computer accessing it runs an RDP client. Windows comes bundled with Microsoft's Remote Desktop Connection to easily access Windows hosts over RDP.

APIs: Risks and security solutions

APIs have become a vital part of doing business. Organizations increasingly rely on the use of APIs for day-to-day workflows, particularly as cloud applications become something of a mainstay. A recent report found that the average number of APIs per company increased by 221% in 2021. Not only are APIs impossible to ignore, but the need to invest in API security cannot be overlooked. The trend in usage is closely followed by opportunists seeking ways to exploit vulnerabilities for their gain.

Best practices for API gateway security

APIs are a critical component of today’s development landscape because of their importance in microservices. Since modern software is often composed of various microservices, certain functionalities may be beyond the scope of an individual API. With an API gateway, we can aggregate those services to behave as if they were a single API, and return complex responses from disparate microservices through a single call to an API gateway.

Prevent API Exploitation: Know the Unknown, Protect the Unprotected

Almost a year ago, Gartner predicted that API attacks would be the most frequent enterprise attack vector in 2022. Strengthening API security is more critical today than ever and must be at the core of cybersecurity strategy to prevent API exploitation. To make matters worse, the lack of API visibility weakens core security principles. More organizations don’t have an accurate inventory of APIs, and it is not surprising for 30% of APIs to be unknown.

Building a secure API with gRPC

A Google remote procedure call (gRPC) is Google’s open source version of the remote procedure call (RPC) framework. It’s a communication protocol leveraging HTTP/2 and protocol buffer (protobuf) technologies. gRPC enables a remote client or server to communicate with another server by simply calling the receiving server’s function as if it were local. This makes communicating and transferring large data sets between client and server much easier in distributed systems.

Announcing: Code-free API log collection and parser creation

AT&T Cybersecurity is pleased to announce a code-free way for our USM Anywhere customers to make their own API-driven log collectors and custom parsers. This big advancement in threat detection and response technology will make it possible for customers to collect information from a much larger variety of sources and SaaS services without having to request new integrations or log parsers.

API authentication and authorization best practices

Learn about API authentication and authorization best practices to ensure your APIs are secure. While we often use the terms interchangeably, authorization and authentication are two separate functions. Authentication is the process of verifying who a user is, and authorization is the process of verifying what they have access to.