Monthly Archive

Why Are APIs Easier to Attack Than Apps?#apiattacks #apisecurity #pentest #nist

Jul 31, 2025 By Wallarm In Wallarm

Discover why over 70% of application attacks now target APIs instead of web apps. Learn from Wallarm and Oracle experts how automation, low entry barriers, and the rapid growth of APIs have changed the security landscape—and what you need to know to protect your organization.

View Video

Wallarm

API
Security

Read more about Why Are APIs Easier to Attack Than Apps?#apiattacks #apisecurity #pentest #nist

The Most Dangerous API Security Myth

Jul 29, 2025 By Wallarm In Wallarm

“We know what we have.” That’s the most common (and risky) assumption.

View Video

Wallarm

API
Security

Read more about The Most Dangerous API Security Myth

ToolShell: Remote Code Execution in Microsoft SharePoint (CVE-2025-53770)

Jul 27, 2025 By Wallarm In Wallarm

On July 19, 2025, a critical remote code execution (RCE) vulnerability (CVE-2025-53770, also referred to as ToolShell) was publicly disclosed, impacting on-premises Microsoft SharePoint Server installations. This vulnerability allows unauthenticated attackers to execute arbitrary code remotely by leveraging insecure deserialization techniques.

Read Post

Wallarm

Read more about ToolShell: Remote Code Execution in Microsoft SharePoint (CVE-2025-53770)

Legacy APIs Still Bite #LegacyAPIs #APIsecurity #CyberThreats

Jul 24, 2025 By Wallarm In Wallarm

Your web app might have MFA—but what about the API behind it? Attackers know where to look, and legacy APIs are often wide open.

View Video

Wallarm

API
Security

Read more about Legacy APIs Still Bite #LegacyAPIs #APIsecurity #CyberThreats

Mastering API Security Testing: Stop BOLA and the OWASP Top 10 Before Deployment

Jul 23, 2025 By Wallarm In Wallarm

APIs drive modern applications, but their increasing complexity leaves them vulnerable to attacks. How can you ensure robust API security? Join Wallarm’s webinar to discover how to tackle today’s toughest API security challenges with advanced API security testing strategies. In this webinar we will cover: Learn how Wallarm’s innovative solutions can help you identify vulnerabilities, implement reliable security measures, and streamline your API testing process. Gain actionable insights into tools, best practices, and strategies to protect your APIs effectively.

View Video

Wallarm

Read more about Mastering API Security Testing: Stop BOLA and the OWASP Top 10 Before Deployment

Fast Releases. Slower Security? #APIs #DevOps #ContinuousDelivery

Jul 22, 2025 By Wallarm In Wallarm

Modern dev cycles move fast—but if security can’t keep up, APIs become entry points for attackers.

View Video

Wallarm

API
Security

Read more about Fast Releases. Slower Security? #APIs #DevOps #ContinuousDelivery

Shadow & Zombie APIs: Threats You Forgot

Jul 17, 2025 By Wallarm In Wallarm

Shadow APIs live in the dark, and zombie APIs refuse to die. These forgotten endpoints are open doors for attackers.

View Video

Wallarm

API
Security

Read more about Shadow & Zombie APIs: Threats You Forgot

Knowing Your APIs Securing Them #APIvisibility #APImanagement #DevSecOps

Jul 15, 2025 By Wallarm In Wallarm

You might know how many APIs you have—but are you keeping them up to date, secured, and monitored? Visibility is just the beginning.

View Video

Wallarm

Read more about Knowing Your APIs Securing Them #APIvisibility #APImanagement #DevSecOps

Fail-Open Architecture for Secure Inline Protection on Azure

Jul 11, 2025 By Wallarm In Wallarm

Every inline deployment introduces a tradeoff: enhanced inspection versus increased risk of downtime. Inline protection is important, especially for APIs, which are now the most targeted attack surface, but so is consistent uptime and performance. This is where a fail-open architecture comes in.

Read Post

Wallarm

Read more about Fail-Open Architecture for Secure Inline Protection on Azure

CISO Spotlight: Andrew Storms on Trust, AI, and Why CISOs Need to Be Optimists

Jul 11, 2025 By Wallarm In Wallarm

Andrew Storms, VP of Security at Replicated, has spent three decades on the frontlines of cybersecurity. From building Unix systems in the early ‘90s to leading incident response and AI security strategies today, he has seen the CISO role evolve from back-office function to boardroom mainstay. In this spotlight, he shares the lessons that shaped his thinking, why storytelling is a critical CISO skill, and how API security is no longer optional.

Read Post

Wallarm

Read more about CISO Spotlight: Andrew Storms on Trust, AI, and Why CISOs Need to Be Optimists

Debunking API Security Myths

Jul 11, 2025 By Wallarm In Wallarm

I recently sat down with Tejpal Garwhal, Application Security and DevSecOps Leader, for a conversation debunking some of the most common API security myths. From zombie endpoints to the limits of WAFS and gateways, we covered what’s really happening on the ground; and what security teams need to do differently. Here’s a quick rundown of the key takeaways, but for the full picture, watch the full webinar.

Read Post

Wallarm

Read more about Debunking API Security Myths

Too Many APIs, Too Little Control #APIsprawl #Visibility #DevOps

Jul 10, 2025 By Wallarm In Wallarm

By 2025, over half of enterprise APIs may go unmanaged. The faster we build, the harder it is to see what’s running.

View Video

Wallarm

API
Security

Read more about Too Many APIs, Too Little Control #APIsprawl #Visibility #DevOps

Understanding the NCSC's New API Security Guidance

Jul 9, 2025 By Wallarm In Wallarm

Legislative, regulatory, and advisory bodies the world over are waking up to the importance of API security. Most recently, the UK’s National Cyber Security Centre (NCSC) has published detailed guidance on best practices for building and maintaining secure APIs. In this blog, we’ll break down that guidance and explore how Wallarm’s platform can help you align with each one.

Read Post

Wallarm

Read more about Understanding the NCSC's New API Security Guidance

How AI Supercharges the API Threat Landscape AIsecurity #APIs #APIexplosion

Jul 8, 2025 By Wallarm In Wallarm

AI is revolutionizing how we build software—but it’s also driving rapid, unsecured API growth. Learn how AI agents connect systems fast...

View Video

Wallarm

API
Security

Read more about How AI Supercharges the API Threat Landscape AIsecurity #APIs #APIexplosion

Inside the AI Threat Landscape: From Jailbreaks to Prompt Injections and Agentic AI Risks

Jul 6, 2025 By Wallarm In Wallarm

AI has officially moved out of the novelty phase. What began with people messing around with LLM-powered GenAI tools for content creation has rapidly evolved into a complex web of agentic AI systems that form a critical part of the modern corporate landscape. However, this transformation has given new life to old threats, transforming the API security landscape all over again.

Read Post

Wallarm

Read more about Inside the AI Threat Landscape: From Jailbreaks to Prompt Injections and Agentic AI Risks

API Iceberg: The Hidden Risk Lurking Below the Surface #APIsecurity #InternalAPIs #HiddenRisk

Jul 3, 2025 By Wallarm In Wallarm

Most security teams focus on public APIs—but what about the internal ones you can’t see? As architectures evolve, hidden APIs become silent threats.

View Video

Wallarm

API
Security

Read more about API Iceberg: The Hidden Risk Lurking Below the Surface #APIsecurity #InternalAPIs #HiddenRisk

What CISA's BOD 25-01 Means for API Security and How Wallarm Can Help

Jul 2, 2025 By Wallarm In Wallarm

The US government has taken another significant step towards strengthening cloud security with the release of CISA’s Binding Operational Directive (BOD) 25-01. Aimed at improving the security posture of federal cloud environments, BOD 25-01 mandates robust configuration, visibility, and control across cloud-based services. While the directive doesn’t explicitly name API security, securing modern cloud systems relies on securing APIs - including the ones security teams don’t know about.

Read Post

Wallarm

Read more about What CISA's BOD 25-01 Means for API Security and How Wallarm Can Help

Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

Why Are APIs Easier to Attack Than Apps?#apiattacks #apisecurity #pentest #nist

The Most Dangerous API Security Myth

ToolShell: Remote Code Execution in Microsoft SharePoint (CVE-2025-53770)

Legacy APIs Still Bite #LegacyAPIs #APIsecurity #CyberThreats

Mastering API Security Testing: Stop BOLA and the OWASP Top 10 Before Deployment

Fast Releases. Slower Security? #APIs #DevOps #ContinuousDelivery

Shadow & Zombie APIs: Threats You Forgot

Knowing Your APIs Securing Them #APIvisibility #APImanagement #DevSecOps

Fail-Open Architecture for Secure Inline Protection on Azure

CISO Spotlight: Andrew Storms on Trust, AI, and Why CISOs Need to Be Optimists

Debunking API Security Myths

Too Many APIs, Too Little Control #APIsprawl #Visibility #DevOps

Understanding the NCSC's New API Security Guidance

How AI Supercharges the API Threat Landscape AIsecurity #APIs #APIexplosion

Inside the AI Threat Landscape: From Jailbreaks to Prompt Injections and Agentic AI Risks

API Iceberg: The Hidden Risk Lurking Below the Surface #APIsecurity #InternalAPIs #HiddenRisk

What CISA's BOD 25-01 Means for API Security and How Wallarm Can Help

Monthly Archive

Follow Us