APIs are a crucial tool in today’s business environment. Allowing applications to interact and exchange data and services means that companies can provide an ever-greater range of features and functionalities to their clients quickly and easily. So, it is no wonder that a quarter of businesses report that APIs account for at least 10% of their total revenue - a number that will only increase in coming years.

GraphQL is an API query language developed by Facebook in 2015. Since then, its unique features and capabilities have made it a viable alternative to REST APIs. When it comes to security, GraphQL servers can house several types of misconfigurations that result in data compromise, access control issues, and other high risk vulnerabilities. While security issues with GraphQL are widely known, there’s little information on finding them outside of using dynamic analysis.

Data leaks and breaches lead to business risks such as regulatory fines, brand damage and revenue loss. In order to protect your organization against it, you must implement security policies that describe your data taxonomy as well as the security controls for each category of data. From there, you can uncover and classify data flows across your products, audit security controls, identify gaps with your security policy, and remediate issues.

When it comes to use cases like quick code formatting and syntax highlighting across many languages, tree-sitter is an excellent tool. But it does so much more than that. At Bearer, we use it as the base for our static code analysis feature. In this article we’ll look at tree sitter, how to use it, and how to avoid some of mistakes we made when implementing it. This should help you in making the decision if tree sitter is a good choice for your use case.

GraphQL provides security straight out of the box with validation and type-checking. However, it doesn’t fully address security concerns around APIs. In this article, we’ll learn how to secure GraphQL APIs by building a simple Node.js application using Fastify and GraphQL. According to its official documentation, GraphQL is a graph query language for APIs and a runtime for fulfilling those queries with our data.

There’s nothing more frustrating than coming up against an API that won’t cooperate, no matter how hard or long you try! A key component of building integrations, APIs have been a big deal for over a decade. At this point, if a software company doesn’t have one, its technology is as good as obsolete. More than a third of analysts, in a new Tines survey, indicated that API-first is the single most important feature and capability they would look for when evaluating a new SOAR tool.