TechcrunchSecurity: API security startup Pynt raises $6M https://techcrunch.com/2023/09/06/api-security-startup-pynt-raises-6m/ #APIsecurity #Enterprise #Automation #Security #Startups #funding

#SymLink: The article showcases Noname Security's presentations on API security during Security Field Day 9 and highlights the positive feedback received from delegates, emphasizing their comprehensive solutions for API vulnerabilities. #NonameSecurity #SecurityFieldDay9 #APIsecurity #SecuritySolutions
https://nonamesecurity.com/blog/security-field-day/
@NonameSecurity #XFD9

It takes a village to run a village. We are looking for volunteers to help us bring AppSec Village at DEF CON 31 to life.

Learn more https://www.appsecvillage.com/volunteer

#dc31 #defcon #defcon31 #appsecvolunteers
#appsec #applicationsecurity #appsecurity #apisecurity

A report released by Data Theorem and ESG finds that 92% of organizations experienced an #APIsecurity incident in 2022. https://venturebeat.com/security/report-shows-92-of-orgs-experienced-an-api-security-incident-last-year/ #press

ICYMI Our @defcon #callforpapers is now open at the @AppSecVillage!! buff.ly/3KriXI6 We can't wait to see your ideas for workshops, panels, hands-on activities, etc by May 14. #callforspeakers #cfp #cfs #dc31 #defcon #defcon31 #appsec #apisecurity

Broken Object-Level Authorization: The hidden enemy of API security!

Learn how to protect your data from BOLA vulnerabilities the consequences and solutions in this latest article: https://cybersecurity.att.com/blogs/security-essentials/broken-object-level-authorization-api-securitys-worst-enemy

#APIsecurity #OWASP #Cybersecurity

Referenced link: https://cybersecurity.att.com/blogs/security-essentials/broken-object-level-authorization-api-securitys-worst-enemy
Discuss on https://discu.eu/q/https://cybersecurity.att.com/blogs/security-essentials/broken-object-level-authorization-api-securitys-worst-enemy

Originally posted by The Hacker News / @TheHackersNews: http://nitter.platypush.tech/TheHackersNews/status/1636732789281157120#m

🚨Broken Object-Level Authorization: The hidden enemy of API security!

Learn how to protect your data from BOLA vulnerabilities the consequences and solutions in this latest article: https://cybersecurity.att.com/blogs/security-essentials/broken-object-level-authorization-api-securitys-worst-enemy

#APIsecurity #OWASP #Cybersecurity

Check out this article to find out how offensive AI may affect API hacking, and what you can do about it.

https://danaepp.com/is-offensive-ai-going-to-be-a-problem-for-api-hackers

#apihacking #apisecurity #ai

I hadn’t realised this interview I did with Coding over Cocktails has made its way onto YouTube: https://www.youtube.com/watch?v=wC1g9gjbtks #apisecurity #podcast #interview

In a 𝐃𝐞𝐯𝐒𝐞𝐜𝐎𝐩𝐬 environment, 𝐀𝐏𝐈 𝐆𝐚𝐭𝐞𝐰𝐚𝐲 is a critical component that helps to achieve the core principles of DevSecOps, which are collaboration, automation, and security. In this article, we will walk you through 𝐭𝐡𝐞 6 𝐫𝐞𝐚𝐬𝐨𝐧𝐬 𝐰𝐡𝐲 𝐀𝐏𝐈 𝐆𝐚𝐭𝐞𝐰𝐚𝐲 𝐢𝐬 𝐢𝐦𝐩𝐨𝐫𝐭𝐚𝐧𝐭 in building APIs with the DevSecOps approach.

👉https://api7.ai/blog/guide-to-devsecops-with-api-gateway

#devsecops #apigateway #apisecurity #automation

Changes are coming to the OWASP API Security Top 10. Check out this article to find out what might affect you and your API security testing.

https://danaepp.com/owasp-api-security-top-10-upcoming-changes-you-need-to-know-about

#owasp #apisecurity #apitesting

Let me show you how to build an API security testing checklist that leverages common attack pattern enumeration in a way so you can start thinking about how to approach a target, how to attack it, and how to leave little to no trace.

https://danaepp.com/an-api-security-testing-checklist-with-a-twist

#apisecurity #apihacking #apitesting

ISMG Editors' panel: Zero trust: how defenders secure data & applications in the wake of MFA bypass attacks https://www.bankinfosecurity.com/ismg-editors-zero-trust-special-a-21300 Zero Trust's John Kindervag on ChatGPT, API Security, MFA Bypass, +Tom Field, Mathew Schwartz and Anna Delaney #zerotrust #chatgpt #apisecurity

Agent-Based vs. Agentless Security: Which Approach Is Better?

https://thenewstack.io/agent-based-vs-agentless-security-which-approach-is-better/

"A look at two strategies for deploying cloud security software along with tips on when each one does or doesn't make sense."

#api360 #apiSecurity

Time to hide your API

https://sdtimes.com/security/time-to-hide-your-api/

"According to the 2022 State of APIs report, 69% of developers said that they expect to use APIs more in 2023 while 25% said that they expect about the same. Only about 6% stated that they expect less or they didn't know."

#api360 #apiSecurity

😈 #Cybersecurity attacks are on the rise.

Gartner reported API data breaches would be the most common attack vector in 2022, & the number of attacks is predicted 𝙩𝙤 𝙙𝙤𝙪𝙗𝙡𝙚 by 2024.

So what can developers and businesses do to amp up #APIsecurity?

Learn:
- What #APISecOps is
- How #API, #microservice & policy lifecycles integrate to produce a secure service in production
- Why collaboration & API-Design First are essential
- How protect yourself against API abuse

http://ow.ly/eNtV50MZGc0

Testing APIs? You owe it to yourself to look at it through a security lens. Check out this article to find out why.

https://danaepp.com/analyzing-your-existing-api-testing-through-a-security-lens

#apitesting #apihacking #apisecurity

Check out this post I wrote on how to hack your hardware to find the firmware and swipe the source code of APIs under security testing.

https://danaepp.com/exploiting-embedded-apis-by-dumping-firmware

#apihacking #apisecurity #apitesting

The #OWASP #APISecurity Project team announced the OWASP API Security Top 10 2023 release candidate is now available! https://github.com/OWASP/API-Security/tree/master/2023/en/src

👉 Every API is different & comes with its own set of security challenges.

Here are the OWASP Top 10 API Security Threats that you can go through to understand the various types of threats & applying the right kind of security measures.

Read more: https://cybertrends-indusface.medium.com/critical-owasp-top-10-api-security-threats-a4f8177225d5

#apiscanning #apptrana #indusface #owaspapi #apithreats #apivulnerability #apis #apisecurity