TechcrunchSecurity: API security startup Pynt raises $6M https://techcrunch.com/2023/09/06/api-security-startup-pynt-raises-6m/ #APIsecurity #Enterprise #Automation #Security #Startups #funding
#apisecurity #enterprise #automation #security #startups #funding
#SymLink: The article showcases Noname Security's presentations on API security during Security Field Day 9 and highlights the positive feedback received from delegates, emphasizing their comprehensive solutions for API vulnerabilities. #NonameSecurity #SecurityFieldDay9 #APIsecurity #SecuritySolutions
https://nonamesecurity.com/blog/security-field-day/
@NonameSecurity #XFD9
#SymLink #nonamesecurity #securityfieldday9 #apisecurity #securitysolutions #xfd9
It takes a village to run a village. We are looking for volunteers to help us bring AppSec Village at DEF CON 31 to life.
Learn more https://www.appsecvillage.com/volunteer
#dc31 #defcon #defcon31 #appsecvolunteers
#appsec #applicationsecurity #appsecurity #apisecurity
#dc31 #defcon #defcon31 #appsecvolunteers #appsec #applicationsecurity #appsecurity #apisecurity
A report released by Data Theorem and ESG finds that 92% of organizations experienced an #APIsecurity incident in 2022. https://venturebeat.com/security/report-shows-92-of-orgs-experienced-an-api-security-incident-last-year/ #press
ICYMI Our @defcon #callforpapers is now open at the @AppSecVillage!! buff.ly/3KriXI6 We can't wait to see your ideas for workshops, panels, hands-on activities, etc by May 14. #callforspeakers #cfp #cfs #dc31 #defcon #defcon31 #appsec #apisecurity
#callforpapers #callforspeakers #cfp #cfs #dc31 #defcon #defcon31 #appsec #apisecurity
Broken Object-Level Authorization: The hidden enemy of API security!
Learn how to protect your data from BOLA vulnerabilities the consequences and solutions in this latest article: https://cybersecurity.att.com/blogs/security-essentials/broken-object-level-authorization-api-securitys-worst-enemy
#CyberSecurity #owasp #apisecurity
Referenced link: https://cybersecurity.att.com/blogs/security-essentials/broken-object-level-authorization-api-securitys-worst-enemy
Discuss on https://discu.eu/q/https://cybersecurity.att.com/blogs/security-essentials/broken-object-level-authorization-api-securitys-worst-enemy
Originally posted by The Hacker News / @TheHackersNews: http://nitter.platypush.tech/TheHackersNews/status/1636732789281157120#m
π¨Broken Object-Level Authorization: The hidden enemy of API security!
Learn how to protect your data from BOLA vulnerabilities the consequences and solutions in this latest article: https://cybersecurity.att.com/blogs/security-essentials/broken-object-level-authorization-api-securitys-worst-enemy
#apisecurity #OWASP #cybersecurity
Check out this article to find out how offensive AI may affect API hacking, and what you can do about it.
https://danaepp.com/is-offensive-ai-going-to-be-a-problem-for-api-hackers
I hadnβt realised this interview I did with Coding over Cocktails has made its way onto YouTube: https://www.youtube.com/watch?v=wC1g9gjbtks #apisecurity #podcast #interview
#apisecurity #podcast #interview
In a πππ―πππππ©π¬ environment, πππ πππππ°ππ² is a critical component that helps to achieve the core principles of DevSecOps, which are collaboration, automation, and security. In this article, we will walk you through ππ‘π 6 π«πππ¬π¨π§π¬ π°π‘π² πππ πππππ°ππ² π’π¬ π’π¦π©π¨π«πππ§π in building APIs with the DevSecOps approach.
πhttps://api7.ai/blog/guide-to-devsecops-with-api-gateway
#devsecops #APIGateway #apisecurity #automation
Changes are coming to the OWASP API Security Top 10. Check out this article to find out what might affect you and your API security testing.
https://danaepp.com/owasp-api-security-top-10-upcoming-changes-you-need-to-know-about
#owasp #apisecurity #apitesting
Let me show you how to build an API security testing checklist that leverages common attack pattern enumeration in a way so you can start thinking about how to approach a target, how to attack it, and how to leave little to no trace.
https://danaepp.com/an-api-security-testing-checklist-with-a-twist
#apisecurity #apihacking #apitesting
ISMG Editors' panel: Zero trust: how defenders secure data & applications in the wake of MFA bypass attacks https://www.bankinfosecurity.com/ismg-editors-zero-trust-special-a-21300 Zero Trust's John Kindervag on ChatGPT, API Security, MFA Bypass, +Tom Field, Mathew Schwartz and Anna Delaney #zerotrust #chatgpt #apisecurity
#zerotrust #chatgpt #apisecurity
Agent-Based vs. Agentless Security: Which Approach Is Better?
https://thenewstack.io/agent-based-vs-agentless-security-which-approach-is-better/
"A look at two strategies for deploying cloud security software along with tips on when each one does or doesn't make sense."
Time to hide your API
https://sdtimes.com/security/time-to-hide-your-api/
"According to the 2022 State of APIs report, 69% of developers said that they expect to use APIs more in 2023 while 25% said that they expect about the same. Only about 6% stated that they expect less or they didn't know."
π #Cybersecurity attacks are on the rise.
Gartner reported API data breaches would be the most common attack vector in 2022, & the number of attacks is predicted π©π€ ππ€πͺππ‘π by 2024.
So what can developers and businesses do to amp up #APIsecurity?
Learn:
- What #APISecOps is
- How #API, #microservice & policy lifecycles integrate to produce a secure service in production
- Why collaboration & API-Design First are essential
- How protect yourself against API abuse
#cybersecurity #apisecurity #apisecops #api #microservice
Testing APIs? You owe it to yourself to look at it through a security lens. Check out this article to find out why.
https://danaepp.com/analyzing-your-existing-api-testing-through-a-security-lens
#apitesting #apihacking #apisecurity
Check out this post I wrote on how to hack your hardware to find the firmware and swipe the source code of APIs under security testing.
https://danaepp.com/exploiting-embedded-apis-by-dumping-firmware
#apihacking #apisecurity #apitesting
The #OWASP #APISecurity Project team announced the OWASP API Security Top 10 2023 release candidate is now available! https://github.com/OWASP/API-Security/tree/master/2023/en/src
π Every API is different & comes with its own set of security challenges.
Here are the OWASP Top 10 API Security Threats that you can go through to understand the various types of threats & applying the right kind of security measures.
Read more: https://cybertrends-indusface.medium.com/critical-owasp-top-10-api-security-threats-a4f8177225d5
#apiscanning #apptrana #indusface #owaspapi #apithreats #apivulnerability #apis #apisecurity
#apiscanning #apptrana #indusface #owaspapi #apithreats #apivulnerability #apis #apisecurity