API security

API security blind spots put businesses at risk

Akamai, API security, Cloudflare, cyber risk, cybersecurity, F5 Networks, Fastly, News, Nightfall AI, report, survey /

API security blind spots put businesses at risk 2024-12-24 at 06:03 By Help Net Security Many customer-facing APIs remain unprotected, leaving businesses vulnerable to breaches. To address these threats, a comprehensive approach to API security, covering every stage of the lifecycle, is essential to protect sensitive data and prevent exploitation. In this article, you will […]

React to this headline:

Loading spinner

API security blind spots put businesses at risk Read More »

Exposed APIs and issues in the world’s largest organizations

access control, API security, authentication, cybersecurity, Don't miss, Escape, Hot stuff, Video /

Exposed APIs and issues in the world’s largest organizations 2024-12-12 at 06:32 By Help Net Security In this Help Net Security video, Tristan Kalos, CEO of Escape, discusses the results of its 2024 State of API Exposure report. The study highlights significant API security gaps affecting Fortune 1000 organizations, with over 28,500 exposed APIs and

React to this headline:

Loading spinner

Exposed APIs and issues in the world’s largest organizations Read More »

AI’s impact on the future of web application security

API security, cybersecurity, Don't miss, Features, Hot stuff, Incident Response, monitoring, News, opinion, web application security /

AI’s impact on the future of web application security 2024-11-15 at 07:33 By Mirko Zorz In this Help Net Security interview, Tony Perez, CEO at NOC.org, discusses the role of continuous monitoring for real-time threat detection, the unique risks posed by APIs, and strategies for securing web applications. Perez also addresses how AI-driven threats are

React to this headline:

Loading spinner

AI’s impact on the future of web application security Read More »

How AI will shape the next generation of cyber threats

API security, Artificial Intelligence, attacks, Compliance, cybercriminals, cybersecurity, Don't miss, Features, Hot stuff, News, opinion, Prismatic, regulation, strategy /

How AI will shape the next generation of cyber threats 2024-11-07 at 08:08 By Mirko Zorz In this Help Net Security interview, Buzz Hillestad, CISO at Prismatic, discusses how AI’s advancement reshapes cybercriminal skillsets and lowers entry barriers for potential attackers. Hillestad highlights that, as AI tools become more accessible, organizations must adapt their defenses

React to this headline:

Loading spinner

How AI will shape the next generation of cyber threats Read More »

Product showcase: Shift API security left with StackHawk

API security, Don't miss, Hot stuff, News, Product showcase, StackHawk /

Product showcase: Shift API security left with StackHawk 2024-10-30 at 15:05 By Help Net Security With the proliferation of APIs, and the speed at which AI functionality is helping fuel innovation, a strategic approach for securing APIs is no longer a nice to have, it’s a criticality. Without a proactive approach, your APIs could become

React to this headline:

Loading spinner

Product showcase: Shift API security left with StackHawk Read More »

The dark side of API security

API security, cybersecurity, digital transformation, Don't miss, F5 Networks, Hot stuff, Video /

The dark side of API security 2024-10-15 at 07:02 By Help Net Security APIs are the backbone of digital transformation efforts, connecting applications across organizations, so their security is of the utmost importance. In this Help Net Security video, Lori MacVittie, a Distinguished Engineer at F5, discusses the current state of API security. A recent

React to this headline:

Loading spinner

The dark side of API security Read More »

30% of customer-facing APIs are completely unprotected

API security, cybersecurity, F5 Networks, News, report, survey /

30% of customer-facing APIs are completely unprotected 2024-10-09 at 06:34 By Help Net Security 70% of customer-facing APIs are secured using HTTPS, leaving nearly one-third of these APIs completely unprotected, according to F5. This is a stark contrast to the 90% of web pages that are now accessed via HTTPS, following the push for secure

React to this headline:

Loading spinner

30% of customer-facing APIs are completely unprotected Read More »

Could APIs be the undoing of AI?

API security, Artificial Intelligence, Cequence Security, cybersecurity, Don't miss, Expert analysis, Expert corner, generative AI, Hot stuff, LLMs, News, opinion /

Could APIs be the undoing of AI? 2024-09-30 at 08:01 By Help Net Security Application programming interfaces (APIs) are essential to how generative AI (GenAI) functions with agents (e.g., calling upon them for data). But the combination of API and LLM issues coupled with rapid rollouts is likely to see numerous organizations having to combat

React to this headline:

Loading spinner

Could APIs be the undoing of AI? Read More »

Cybercriminals capitalize on travel industry’s peak season

API security, attacks, Cequence Security, CISO, Compliance, cybersecurity, News, report, survey /

Cybercriminals capitalize on travel industry’s peak season 2024-08-28 at 06:31 By Help Net Security Cybercriminals are capitalizing on the travel and hospitality industry’s peak season, using increased traffic as cover for their attacks, according to Cequence Security. Researchers investigated the top 10 travel and hospitality sites to identify externally visible edge, cloud infrastructure, application stack,

React to this headline:

Loading spinner

Cybercriminals capitalize on travel industry’s peak season Read More »

Common API security issues: From exposed secrets to unauthorized access

Akamai, API security, Cloudflare, cybersecurity, Escape, F5 Networks, Fastly, News, Nightfall AI, report, survey /

Common API security issues: From exposed secrets to unauthorized access 2024-08-19 at 06:01 By Help Net Security Despite their role in connecting applications and driving innovation, APIs often suffer from serious security vulnerabilities. Recent investigations reveal that many organizations are struggling with exposed secrets such as passwords and API keys, which attackers frequently misuse. The

React to this headline:

Loading spinner

Common API security issues: From exposed secrets to unauthorized access Read More »

35% of exposed API keys still active, posing major security risks

API security, cybersecurity, News, Nightfall AI, passwords, report, risk, SaaS /

35% of exposed API keys still active, posing major security risks 2024-08-13 at 06:01 By Help Net Security Nightfall AI’s research revealed that secrets like passwords and API keys were most often found in GitHub, with nearly 350 total secrets exposed per 100 employees every year. Hidden risks of secret sprawl in cloud and SaaS

React to this headline:

Loading spinner

35% of exposed API keys still active, posing major security risks Read More »

Overlooked essentials: API security best practices

access control, Akto, API security, authentication, cybersecurity, Don't miss, Encryption, Features, Hot stuff, News, opinion, policy /

Overlooked essentials: API security best practices 2024-07-17 at 07:31 By Mirko Zorz In this Help Net Security, Ankita Gupta, CEO at Akto, discusses API security best practices, advocating for authentication protocols like OAuth 2.0 and OpenID Connect, strict HTTPS encryption, and the use of JWTs for stateless authentication. Gupta recommends role-based access control (RBAC) and

React to this headline:

Loading spinner

Overlooked essentials: API security best practices Read More »

Using Authy? Beware of impending phishing attempts

2FA, API security, authentication, CCC, cloud security, Data leak, Don't miss, Hot stuff, MFA, News, phishing, Twilio /

Using Authy? Beware of impending phishing attempts 2024-07-11 at 15:46 By Zeljka Zorz Do you use Authy for your multi-factor authentication needs? If you do, you should keep an eye out for phishing attempts, as well as implement defenses against SIM swapping attacks. What happened? On July 1, Twilio – the company that develops the

React to this headline:

Loading spinner

Using Authy? Beware of impending phishing attempts Read More »

Security challenges mount as as companies handle thousands of APIs

API security, app, digital transformation, F5 Networks, News, report, survey /

Security challenges mount as as companies handle thousands of APIs 2024-06-04 at 06:31 By Help Net Security Modern applications are taking over enterprise portfolios, with apps classed as modern now making up 51% of the total, up by more than a quarter in the last year, according to F5. According to the 2024 edition of

React to this headline:

Loading spinner

Security challenges mount as as companies handle thousands of APIs Read More »

A closer look at Apiiro’s SHINE partner program

API security, Apiiro, Application Security, cybersecurity, Don't miss, Hot stuff, Risk Management, Video /

A closer look at Apiiro’s SHINE partner program 2024-05-01 at 16:46 By Help Net Security In this Help Net Security video, Adam LaGreca, Founder of 10KMedia, sat down with John Leon, VP of Partnerships at Apiiro, discusses the company’s new technology partner program SHINE. The name stands for the program’s guiding principles – Seamless, Holistic,

React to this headline:

Loading spinner

A closer look at Apiiro’s SHINE partner program Read More »

Damn Vulnerable RESTaurant: Open-source API service designed for learning

API security, cybersecurity, Don't miss, GitHub, Hot stuff, News, open source, penetration testing, skill development /

Damn Vulnerable RESTaurant: Open-source API service designed for learning 2024-04-17 at 07:01 By Mirko Zorz Damn Vulnerable RESTaurant is an open-source project that allows developers to learn to identify and fix security vulnerabilities in their code through an interactive game. “I wanted to create a generic playground for ethical hackers, developers, and security engineers where

React to this headline:

Loading spinner

Damn Vulnerable RESTaurant: Open-source API service designed for learning Read More »

95% of companies face API security problems

API security, CISO, cybersecurity, Don't miss, Fastly, News, report, survey, threats /

95% of companies face API security problems 2024-03-22 at 06:31 By Help Net Security Despite the critical role of APIs, the vast majority of commercial decision-makers are ignoring the burgeoning security risk for businesses, according to Fastly. Application Programming Interfaces (APIs) have long been recognised as a bedrock of the digital economy and recent figures

React to this headline:

Loading spinner

95% of companies face API security problems Read More »

API environments becoming hotspots for exploitation

Akamai, API security, cybersecurity, News, report, survey /

API environments becoming hotspots for exploitation 2024-03-20 at 06:01 By Help Net Security A total of 29% of web attacks targeted APIs over 12 months (January through December 2023), indicating that APIs are a focus area for cybercriminals, according to Akamai. API integration amplifies risk exposure for enterprises APIs are at the heart of digital

React to this headline:

Loading spinner

API environments becoming hotspots for exploitation Read More »

5 ways to keep API integrations secure

API security, cybersecurity, Don't miss, Expert analysis, Expert corner, Hot stuff, Merge, News, opinion, SIEM, software, update /

5 ways to keep API integrations secure 2024-03-06 at 08:20 By Help Net Security API integrations often handle sensitive data, such as employees’ personally identifiable information (PII), companies’ financial information, or even clients’ payment card data. Keeping this data safe from attackers—while ensuring that the integrations perform at the desired level—requires adopting several security measures.

React to this headline:

Loading spinner

5 ways to keep API integrations secure Read More »

Using AI to reduce false positives in secrets scanners

API security, Artificial Intelligence, authentication, credentials, cybersecurity, Don't miss, Expert analysis, Expert corner, Features, Hot stuff, Legit Security, News, opinion, SSH /

Using AI to reduce false positives in secrets scanners 2024-02-27 at 08:02 By Help Net Security As development environments grow more complex, applications increasingly communicate with many external services. When a software development project communicates with an external service, it utilizes a token or “secret” for authentication. These tokens are the glue that keeps any

React to this headline:

Loading spinner

Using AI to reduce false positives in secrets scanners Read More »

Scroll to Top