Technology

API2:2019 Broken User Authentication: The What, Impact, Sample Exploit, and Prevention Methods

Mar 15, 2023 By Indusface In Indusface

API2:2019 Broken User Authentication happens when an attacker bypasses an API’s authentication and authorization mechanisms and gains access to sensitive data or functionality that should only be available to authorized users.

Read Post

Indusface

Read more about API2:2019 Broken User Authentication: The What, Impact, Sample Exploit, and Prevention Methods

Massive data breach with fake ChatGPT extension

Mar 14, 2023 By General In ManageEngine

Chat Generative Pre-trained Transformer (ChatGPT) is now available on the official Google Chrome store as a browser extension, giving you easy access to this sophisticated chatbot. How exciting does that sound? Read the full story here.

Read Post

ManageEngine

Read more about Massive data breach with fake ChatGPT extension

Why Companies Still Struggle with Least Privilege in the Cloud

Mar 14, 2023 By Miguel Hernández In Sysdig

Vulnerabilities are only one part of the cloud security story. Misconfigurations are still the biggest player in security incidents and, therefore, should be one of the greatest causes for concern in organizations.

Read Post

Sysdig

Read more about Why Companies Still Struggle with Least Privilege in the Cloud

Cloud Threats Memo: Cyber Espionage Campaign Using Remote Access Tools

Mar 14, 2023 By Paolo Passeri In Netskope

Another day, another cyber espionage campaign exploiting two legitimate and well-known cloud services to deliver the malicious payload. Once again, this campaign was unearthed by researchers at Sentinel One, and it is aimed to distribute the Remcos Remote Access Tool (yet another example of a remote control tool used for malicious purposes) through the DBatLoader to target predominantly organizations in Eastern Europe.

Read Post

Netskope

Read more about Cloud Threats Memo: Cyber Espionage Campaign Using Remote Access Tools

Broken Object Level Authorization: API security's worst enemy

Mar 14, 2023 By Thomas Jung In AT&T Cybersecurity

According to the Open Web Application Security Project (OWASP, 2019), broken object-level authorization (BOLA) is the most significant vulnerability confronting modern application programming interfaces (APIs). It can be exciting to pursue innovations in the API area, but while doing so, programmers must ensure that they are adequately attentive to security concerns and that they develop protocols that can address such concerns.

Read Post

AT&T Cybersecurity

Read more about Broken Object Level Authorization: API security's worst enemy

Salt Goes Gold Again, with Two Globee Cybersecurity Awards

Mar 14, 2023 By Michelle McLean In Salt Security

Last week, three golds. This week, two more. Wow – the accolades keep coming. Salt took top honors in two Globee® Cybersecurity World Award categories: Hot Security Company of the Year for Security Software, and API Management and Security! You can read all the formal details in our announcement. We’ve earned five awards in the past two weeks, and the month isn’t even half over.

Read Post

Salt Security

Read more about Salt Goes Gold Again, with Two Globee Cybersecurity Awards

OptiXdashboard Cloud Management Tool - Manage Your Cloud Infrastructure with a Single Platform

Mar 13, 2023 By Opti9 In Opti9

In this video, we provide an overview of OptiXdashboard, a powerful hybrid cloud management tool that allows you to manage your entire cloud infrastructure with a single platform. Whether you are working with public or private clouds, OptiXdashboard can help you simplify and streamline your management tasks, providing you with greater visibility and control over your resources.

View Video

Opti9

Read more about OptiXdashboard Cloud Management Tool - Manage Your Cloud Infrastructure with a Single Platform

The Explosion of APIs and Nuances of API Security | Kashi (Co-founder & CTO, Fitbots)

Mar 13, 2023 By Indusface In Indusface

Here are some highlights of the conversation between Kashi (Co-founder & CTO, Fitbots OKRs) & Venky (Founder & CMO, Indusface). They discuss how the API adoption growth will lead to an exponential increase in API security needs. Adopting multiple business services & securely integrating with them will be the future for running a sustainable long-term business. They cover a bunch of other aspects in the SaaSTrana Podcast, like: - API security with dynamic endpoints

View Video

Indusface

API
Security

Read more about The Explosion of APIs and Nuances of API Security | Kashi (Co-founder & CTO, Fitbots)

Exploring the open-source business model and how companies monetize it

Mar 13, 2023 By Deepak Prabhakara In BoxyHQ

With the rise of open-source solutions and solution providers, one of the biggest questions asked is, how do businesses monetize while giving away the source code for free?

Read Post

BoxyHQ

Read more about Exploring the open-source business model and how companies monetize it

Opti9tech Hybrid Cloud Solutions for Credit Unions

Mar 13, 2023 By Opti9 In Opti9

Opti9tech's hybrid cloud solutions are tailored to meet the unique needs of credit unions. With their flexible and scalable approach, Opti9tech offers a range of cloud-based solutions that can be customized to fit the specific requirements of each credit union. This includes a hybrid cloud solution that combines the benefits of both private and public clouds, providing maximum flexibility and cost-effectiveness.

View Video