API security

5 ways to keep API integrations secure

API security, cybersecurity, Don't miss, Expert analysis, Expert corner, Hot stuff, Merge, News, opinion, SIEM, software, update /

5 ways to keep API integrations secure 2024-03-06 at 08:20 By Help Net Security API integrations often handle sensitive data, such as employees’ personally identifiable information (PII), companies’ financial information, or even clients’ payment card data. Keeping this data safe from attackers—while ensuring that the integrations perform at the desired level—requires adopting several security measures. […]

React to this headline:

Loading spinner

5 ways to keep API integrations secure Read More »

Using AI to reduce false positives in secrets scanners

API security, Artificial Intelligence, authentication, credentials, cybersecurity, Don't miss, Expert analysis, Expert corner, Features, Hot stuff, Legit Security, News, opinion, SSH /

Using AI to reduce false positives in secrets scanners 2024-02-27 at 08:02 By Help Net Security As development environments grow more complex, applications increasingly communicate with many external services. When a software development project communicates with an external service, it utilizes a token or “secret” for authentication. These tokens are the glue that keeps any

React to this headline:

Loading spinner

Using AI to reduce false positives in secrets scanners Read More »

The importance of a good API security strategy

API security, cyber risk, Don't miss, Hot stuff, News, software development, strategy, threats /

The importance of a good API security strategy 2024-02-21 at 06:32 By Helga Labus In 2024, API requests accounted for 57% of dynamic internet traffic around the globe, according to the Cloudflare 2024 API Security & Management Report, confirming that APIs are a crucial component of modern software development. But with their increased adoption over

React to this headline:

Loading spinner

The importance of a good API security strategy Read More »

Researchers discover exposed API secrets, impacting major tech tokens

API security, AWS, cybersecurity, Data leak, Escape, GitHub, News, Slack, Stripe /

Researchers discover exposed API secrets, impacting major tech tokens 2024-02-05 at 07:33 By Help Net Security Escape’s security research team scanned 189.5 million URLs and found more than 18,000 exposed API secrets. 41% of exposed secrets were highly critical, i.e. could lead to financial risks for the organizations. Exposed API secrets The exposed secrets include

React to this headline:

Loading spinner

Researchers discover exposed API secrets, impacting major tech tokens Read More »

APIs are increasingly becoming attractive targets

API security, Cloudflare, cybercrime, cybersecurity, News, report, survey /

APIs are increasingly becoming attractive targets 2024-01-11 at 06:01 By Help Net Security APIs, a technology that underpins today’s most used sites and apps, are being leveraged by businesses more than ever—ultimately opening the door to more online threats than seen before, according to Cloudflare. APIs power the digital world—our phones, smartwatches, banking systems and

React to this headline:

Loading spinner

APIs are increasingly becoming attractive targets Read More »

Top LLM vulnerabilities and how to mitigate the associated risk

API security, Artificial Intelligence, cybersecurity, Data leak, Don't miss, Expert analysis, Expert corner, Hot stuff, Lakera, News, opinion, risk, strategy /

Top LLM vulnerabilities and how to mitigate the associated risk 2024-01-10 at 07:31 By Help Net Security As large language models (LLMs) become more prevalent, a comprehensive understanding of the LLM threat landscape remains elusive. But this uncertainty doesn’t mean progress should grind to a halt: Exploring AI is essential to staying competitive, meaning CISOs

React to this headline:

Loading spinner

Top LLM vulnerabilities and how to mitigate the associated risk Read More »

Cybersecurity challenges emerge in the wake of API expansion

API security, Artificial Intelligence, authentication, cybersecurity, Don't miss, Features, Hot stuff, News, opinion, strategy, Treblle /

Cybersecurity challenges emerge in the wake of API expansion 2024-01-03 at 08:01 By Mirko Zorz In this Help Net Security interview, Vedran Cindric, CEO at Treblle, discusses the exponential growth of AI-related APIs, citing a 96% increase in 2023. He sheds light on the integral role APIs play in powering AI interactions, revealing the invisible

React to this headline:

Loading spinner

Cybersecurity challenges emerge in the wake of API expansion Read More »

Hackers employ nuanced tactics to evade detection

API security, attacks, bot, Cequence Security, cybercriminals, cybersecurity, News, report /

Hackers employ nuanced tactics to evade detection 2024-01-02 at 07:01 By Help Net Security Threat actors evolved tactics, opting for a more nuanced approach that spread attacks across a broader timeframe to blend in with legitimate traffic and evade detection during peak holiday shopping times, according to Cequence Security. 2023 holiday season unveiled alarming realities

React to this headline:

Loading spinner

Hackers employ nuanced tactics to evade detection Read More »

API security in 2024: Predictions and trends

API security, automation, cybersecurity, Don't miss, Expert analysis, Expert corner, Graylog, Hot stuff, News, opinion, Privacy, regulation /

API security in 2024: Predictions and trends 2023-12-29 at 07:02 By Help Net Security As technology continues to advance at an unprecedented pace, so does the complexity of API (application programming interface) security. With the proliferation of APIs in modern applications and services, organizations will need to develop a better understanding of their API environments

React to this headline:

Loading spinner

API security in 2024: Predictions and trends Read More »

How AI is revolutionizing “shift left” testing in API security

API security, Application Security, Artificial Intelligence, Cequence Security, cybersecurity, Don't miss, Expert analysis, Expert corner, Hot stuff, News, opinion /

How AI is revolutionizing “shift left” testing in API security 05/12/2023 at 08:33 By Help Net Security Catching coding errors in API preproduction, before they are spun up and go live is critical in preventing exploitable vulnerabilities. It’s why we’ve seen “shift left” become a significant focus in API development, whereby DevOps takes responsibility for

React to this headline:

Loading spinner

How AI is revolutionizing “shift left” testing in API security Read More »

Key drivers of software security for financial services

API security, automation, code, cybersecurity, Don't miss, Hot stuff, software, Veracode, Video /

Key drivers of software security for financial services 01/12/2023 at 07:32 By Help Net Security Nearly 72% of applications in the financial services sector contain security flaws, according to Veracode. Despite the alarming figure, this rate of software vulnerability was the lowest of all industries analyzed and has improved since last year. The research also

React to this headline:

Loading spinner

Key drivers of software security for financial services Read More »

The new imperative in API security strategy

access control, API security, authentication, cybersecurity, News, report, SSO, survey, Wallarm /

The new imperative in API security strategy 16/11/2023 at 07:01 By Help Net Security Of the 239 vulnerabilities, 33% (79 out of 239) were associated with authentication, authorization and access control (AAA) — foundational pillars of API security, according to Wallarm. Prioritizing AAA principles Open authentication (OAuth), single-sign on (SSO) and JSON Web Token (JWT),

React to this headline:

Loading spinner

The new imperative in API security strategy Read More »

Financial organizations embrace automation for enhanced security

API security, automation, cybersecurity, financial industry, News, regulation, report, software, training, Veracode /

Financial organizations embrace automation for enhanced security 03/11/2023 at 07:31 By Help Net Security The security performance of financial applications generally outperforms other industries, with automation, targeted security training, and scanning via Application Programming Interface (API) contributing to a year-over-year reduction in the percentage of applications containing flaws, according to Veracode. Against a backdrop of

React to this headline:

Loading spinner

Financial organizations embrace automation for enhanced security Read More »

Elevating API security to reinforce cyber defense

API security, cybersecurity, data breach, DDoS, News, Ponemon Institute, report, Traceable AI, zero trust /

Elevating API security to reinforce cyber defense 11/09/2023 at 06:32 By Help Net Security While APIs are essential to many operations and used extensively, a lack of prioritization and understanding is leading us towards a growing API security crisis, according to a report by Traceable AI and Ponemon Institute. The urgency for API security Within

React to this headline:

Loading spinner

Elevating API security to reinforce cyber defense Read More »

Is the new OWASP API Top 10 helpful to defenders?

API security, attacks, authentication, automation, bot, Cequence Security, Don't miss, Expert analysis, Expert corner, Hot stuff, News, opinion, OWASP, SSO /

Is the new OWASP API Top 10 helpful to defenders? 30/08/2023 at 07:32 By Help Net Security The OWASP Foundation’s Top Ten lists have helped defenders focus their efforts with respect to specific technologies and the OWASP API (Application Programming Interface) Security Top 10 2023 is no exception. First drafted five years ago and updated

React to this headline:

Loading spinner

Is the new OWASP API Top 10 helpful to defenders? Read More »

Understanding how attackers exploit APIs is more important than ever

API security, cybersecurity, Don't miss, Hot stuff, how-to, Intruder, programming, strategy, tips, Video /

Understanding how attackers exploit APIs is more important than ever 22/08/2023 at 06:32 By Help Net Security In this Help Net Security video, Andy Hornegold, Product Lead at Intruder, dives into API security and explores how several recent high-profile breaches were caused by simple failings – which didn’t require sophisticated security to prevent. The number

React to this headline:

Loading spinner

Understanding how attackers exploit APIs is more important than ever Read More »

How to handle API sprawl and the security threat it poses

API security, cybersecurity, Don't miss, Expert analysis, Expert corner, F5 Networks, Hot stuff, opinion, vulnerability /

How to handle API sprawl and the security threat it poses 11/08/2023 at 08:34 By Help Net Security The proliferation of APIs has marked them as prime targets for malicious attackers. With recent reports indicating that API vulnerabilities are costing businesses billions of dollars annually, it’s no wonder they are at the top of mind

React to this headline:

Loading spinner

How to handle API sprawl and the security threat it poses Read More »

API tools and services are fueling revenue growth

API security, News, Postman, programming, report, software development /

API tools and services are fueling revenue growth 07/07/2023 at 06:40 By Help Net Security As more companies recognize APIs as the building blocks of modern software, API tools and services are evolving to meet their needs, according to Postman. Adopting an API-first approach “More companies are adopting an API-first approach to software development, and

React to this headline:

Loading spinner

API tools and services are fueling revenue growth Read More »