The API security crisis and why businesses are at risk 2025-02-05 at 06:30 By Help Net Security In this Help Net Security video, Ivan Novikov, CEO of Wallarm, discusses the 2025 API ThreatStats Report, highlighting how APIs have become the primary attack surface over the past year, mainly driven by the rise of AI-related risks. […]
React to this headline:
The API security crisis and why businesses are at risk Read More »
89% of AI-powered APIs rely on insecure authentication mechanisms 2025-01-30 at 06:33 By Help Net Security APIs have emerged as the predominant attack surface over the past year, with AI being the biggest driver of API security risks, according to Wallarm. “Based on our findings, what is clear is that API security is no longer
React to this headline:
89% of AI-powered APIs rely on insecure authentication mechanisms Read More »
API security blind spots put businesses at risk 2024-12-24 at 06:03 By Help Net Security Many customer-facing APIs remain unprotected, leaving businesses vulnerable to breaches. To address these threats, a comprehensive approach to API security, covering every stage of the lifecycle, is essential to protect sensitive data and prevent exploitation. In this article, you will
React to this headline:
API security blind spots put businesses at risk Read More »
Exposed APIs and issues in the world’s largest organizations 2024-12-12 at 06:32 By Help Net Security In this Help Net Security video, Tristan Kalos, CEO of Escape, discusses the results of its 2024 State of API Exposure report. The study highlights significant API security gaps affecting Fortune 1000 organizations, with over 28,500 exposed APIs and
React to this headline:
Exposed APIs and issues in the world’s largest organizations Read More »
AI’s impact on the future of web application security 2024-11-15 at 07:33 By Mirko Zorz In this Help Net Security interview, Tony Perez, CEO at NOC.org, discusses the role of continuous monitoring for real-time threat detection, the unique risks posed by APIs, and strategies for securing web applications. Perez also addresses how AI-driven threats are
React to this headline:
AI’s impact on the future of web application security Read More »
How AI will shape the next generation of cyber threats 2024-11-07 at 08:08 By Mirko Zorz In this Help Net Security interview, Buzz Hillestad, CISO at Prismatic, discusses how AI’s advancement reshapes cybercriminal skillsets and lowers entry barriers for potential attackers. Hillestad highlights that, as AI tools become more accessible, organizations must adapt their defenses
React to this headline:
How AI will shape the next generation of cyber threats Read More »
Product showcase: Shift API security left with StackHawk 2024-10-30 at 15:05 By Help Net Security With the proliferation of APIs, and the speed at which AI functionality is helping fuel innovation, a strategic approach for securing APIs is no longer a nice to have, it’s a criticality. Without a proactive approach, your APIs could become
React to this headline:
Product showcase: Shift API security left with StackHawk Read More »
The dark side of API security 2024-10-15 at 07:02 By Help Net Security APIs are the backbone of digital transformation efforts, connecting applications across organizations, so their security is of the utmost importance. In this Help Net Security video, Lori MacVittie, a Distinguished Engineer at F5, discusses the current state of API security. A recent
React to this headline:
The dark side of API security Read More »
30% of customer-facing APIs are completely unprotected 2024-10-09 at 06:34 By Help Net Security 70% of customer-facing APIs are secured using HTTPS, leaving nearly one-third of these APIs completely unprotected, according to F5. This is a stark contrast to the 90% of web pages that are now accessed via HTTPS, following the push for secure
React to this headline:
30% of customer-facing APIs are completely unprotected Read More »
Could APIs be the undoing of AI? 2024-09-30 at 08:01 By Help Net Security Application programming interfaces (APIs) are essential to how generative AI (GenAI) functions with agents (e.g., calling upon them for data). But the combination of API and LLM issues coupled with rapid rollouts is likely to see numerous organizations having to combat
React to this headline:
Could APIs be the undoing of AI? Read More »
Cybercriminals capitalize on travel industry’s peak season 2024-08-28 at 06:31 By Help Net Security Cybercriminals are capitalizing on the travel and hospitality industry’s peak season, using increased traffic as cover for their attacks, according to Cequence Security. Researchers investigated the top 10 travel and hospitality sites to identify externally visible edge, cloud infrastructure, application stack,
React to this headline:
Cybercriminals capitalize on travel industry’s peak season Read More »
Common API security issues: From exposed secrets to unauthorized access 2024-08-19 at 06:01 By Help Net Security Despite their role in connecting applications and driving innovation, APIs often suffer from serious security vulnerabilities. Recent investigations reveal that many organizations are struggling with exposed secrets such as passwords and API keys, which attackers frequently misuse. The
React to this headline:
Common API security issues: From exposed secrets to unauthorized access Read More »
35% of exposed API keys still active, posing major security risks 2024-08-13 at 06:01 By Help Net Security Nightfall AI’s research revealed that secrets like passwords and API keys were most often found in GitHub, with nearly 350 total secrets exposed per 100 employees every year. Hidden risks of secret sprawl in cloud and SaaS
React to this headline:
35% of exposed API keys still active, posing major security risks Read More »
Overlooked essentials: API security best practices 2024-07-17 at 07:31 By Mirko Zorz In this Help Net Security, Ankita Gupta, CEO at Akto, discusses API security best practices, advocating for authentication protocols like OAuth 2.0 and OpenID Connect, strict HTTPS encryption, and the use of JWTs for stateless authentication. Gupta recommends role-based access control (RBAC) and
React to this headline:
Overlooked essentials: API security best practices Read More »
Using Authy? Beware of impending phishing attempts 2024-07-11 at 15:46 By Zeljka Zorz Do you use Authy for your multi-factor authentication needs? If you do, you should keep an eye out for phishing attempts, as well as implement defenses against SIM swapping attacks. What happened? On July 1, Twilio – the company that develops the
React to this headline:
Using Authy? Beware of impending phishing attempts Read More »
Security challenges mount as as companies handle thousands of APIs 2024-06-04 at 06:31 By Help Net Security Modern applications are taking over enterprise portfolios, with apps classed as modern now making up 51% of the total, up by more than a quarter in the last year, according to F5. According to the 2024 edition of
React to this headline:
Security challenges mount as as companies handle thousands of APIs Read More »
A closer look at Apiiro’s SHINE partner program 2024-05-01 at 16:46 By Help Net Security In this Help Net Security video, Adam LaGreca, Founder of 10KMedia, sat down with John Leon, VP of Partnerships at Apiiro, discusses the company’s new technology partner program SHINE. The name stands for the program’s guiding principles – Seamless, Holistic,
React to this headline:
A closer look at Apiiro’s SHINE partner program Read More »
Damn Vulnerable RESTaurant: Open-source API service designed for learning 2024-04-17 at 07:01 By Mirko Zorz Damn Vulnerable RESTaurant is an open-source project that allows developers to learn to identify and fix security vulnerabilities in their code through an interactive game. “I wanted to create a generic playground for ethical hackers, developers, and security engineers where
React to this headline:
Damn Vulnerable RESTaurant: Open-source API service designed for learning Read More »
95% of companies face API security problems 2024-03-22 at 06:31 By Help Net Security Despite the critical role of APIs, the vast majority of commercial decision-makers are ignoring the burgeoning security risk for businesses, according to Fastly. Application Programming Interfaces (APIs) have long been recognised as a bedrock of the digital economy and recent figures
React to this headline:
95% of companies face API security problems Read More »
API environments becoming hotspots for exploitation 2024-03-20 at 06:01 By Help Net Security A total of 29% of web attacks targeted APIs over 12 months (January through December 2023), indicating that APIs are a focus area for cybercriminals, according to Akamai. API integration amplifies risk exposure for enterprises APIs are at the heart of digital
React to this headline:
API environments becoming hotspots for exploitation Read More »