%term

Handle secrets like API keys securely in javascript projects with environment variables

Nov 8, 2023 By GitGuardian In GitGuardian

In this video we look at how to effectively use the dotenv npm package to securely use secrets like API keys by loading them into your project as environment variables. To do this we first place our secrets in a.env file and the dotenv project will load these in as env variables.

View Video

GitGuardian

Read more about Handle secrets like API keys securely in javascript projects with environment variables

Navigating Threats - Insights from the Wallarm API ThreatStats Report Q3'2023

Nov 7, 2023 By Wallarm In Wallarm

The world of digital technology is perpetually evolving, positioning cybersecurity as a frontline defense in safeguarding essential digital assets. A primary challenge in this sector, accentuated by the Wallarm API ThreatStats™ report Q3’2023, is ensuring robust API security. This in-depth report emphasizes the urgent need for immediate, strategic actions from business leaders and cybersecurity practitioners alike to combat the sophisticated emerging threats.

Read Post

Wallarm

Read more about Navigating Threats - Insights from the Wallarm API ThreatStats Report Q3'2023

Securing APIs: Practical Steps to Protecting Your Software

Nov 7, 2023 By Jenny Buckingham In Veracode

In the dynamic world of software development, Application Programming Interfaces (APIs) serve as essential conduits, facilitating seamless interaction between software components. This intermediary interface not only streamlines development but also empowers software teams to reuse code. However, the increasing prevalence of APIs in modern business comes with security challenges.

Read Post

Veracode

Read more about Securing APIs: Practical Steps to Protecting Your Software

Testing with OpenAPI Specifications

Nov 6, 2023 By Wallarm In Wallarm

The 2023 SANS Survey on API Security (Jun-2023) found that less than 50 percent of respondents have API security testing tools in place. Even fewer (29 percent) have API discovery tools. Wallarm delivers both these capabilities via our single, integrated App and API Security platform. Wallarm has long offered the ability to generate OpenAPI Specifications (aka Swagger) based on actual traffic across your endpoints.

Read Post

Wallarm

Read more about Testing with OpenAPI Specifications

What is an API Gateway? - Definition, Benefits and Limitations

Nov 3, 2023 By Vinugayathri Chinnasamy In Indusface

An API Gateway is a mediator between the client and the collection of backend services. It accepts all API calls and routes them to one or more appropriate backend services. It doesn’t stop there; it aggregates appropriate data/ resources and delivers it to the user in a unified manner. Placed in front of the API/ group of microservices, the API gateway is the single-entry point for all API calls made to and executed by the app.

Read Post

Indusface

Read more about What is an API Gateway? - Definition, Benefits and Limitations

Getting Started with 1Password Connect

Nov 2, 2023 By 1Password In 1Password

In this demo, see how you can use 1Password Connect to securely access your 1Password items and vaults in your company's applications and cloud infrastructure using a private REST API.

View Video

1Password

Read more about Getting Started with 1Password Connect

Harnessing the Magic of API: Turbocharging Business Automation

Oct 27, 2023 By SecuritySenses In SecuritySenses

In the bustling metropolis of the modern digital realm, there's a quiet revolution taking place. Businesses, from local startups to multinational corporations, are embracing an unseen hero that propels them to new heights: the Latenode API. But what is this mysterious force, and why is it setting the business world alight?

Read Post

SecuritySenses

Read more about Harnessing the Magic of API: Turbocharging Business Automation

The growth of APIs attracts Cybercrime: How to prepare against cyber attacks

Oct 24, 2023 By Josh Breaker-Rolfe In Tripwire

Application Programming Interfaces (APIs) have profoundly transformed the internet's fabric. In the pre-API era, digital interactions were limited by siloed systems functioning in isolation. APIs dismantled these barriers by introducing a universal language that diverse applications could comprehend. This linguistic bridge facilitated an unprecedented level of interconnectivity between software entities.

Read Post

Tripwire

Read more about The growth of APIs attracts Cybercrime: How to prepare against cyber attacks

Oh-Auth - Abusing OAuth to take over millions of accounts

Oct 24, 2023 By Aviad Carmel In Salt Security

OAuth (Open Authorization) is one of the fastest adopted technologies in the AppSec domain. From its first introduction in 2006, as an attempt to introduce a standard authorization protocol, it has become one of the most popular protocols for both user authorization and authentication, and it’s being used by almost every major web service and website today. One of the reasons for its huge popularity is its ease of implementation.

Read Post

Salt Security

Read more about Oh-Auth - Abusing OAuth to take over millions of accounts

OAuth security gaps at Grammarly (now remediated)

Oct 24, 2023 By Salt Security In Salt Security

This short video explains how Salt Labs researchers identified several critical security flaws on the popular site - Grammarly. The flaws were found in the site's authentication functionality and could have allowed a malicious attacker to take over user accounts, access profile information, and take actions on behalf of the user. All issues were reported to Grammarly and have been resolved with no evidence of these flaws being actively exploited in the wild. In the research, they also found similar vulnerabilities in Vidio.com and Bukalapak.com.

View Video