API security - Security Ticks

Top LLM vulnerabilities and how to mitigate the associated risk

API security, Artificial Intelligence, cybersecurity, Data leak, Don't miss, Expert analysis, Expert corner, Hot stuff, Lakera, News, opinion, risk, strategy / SecurityTicks

Top LLM vulnerabilities and how to mitigate the associated risk 2024-01-10 at 07:31 By Help Net Security As large language models (LLMs) become more prevalent, a comprehensive understanding of the LLM threat landscape remains elusive. But this uncertainty doesn’t mean progress should grind to a halt: Exploring AI is essential to staying competitive, meaning CISOs […]

Top LLM vulnerabilities and how to mitigate the associated risk Read More »

Cybersecurity challenges emerge in the wake of API expansion

API security, Artificial Intelligence, authentication, cybersecurity, Don't miss, Features, Hot stuff, News, opinion, strategy, Treblle / SecurityTicks

Cybersecurity challenges emerge in the wake of API expansion 2024-01-03 at 08:01 By Mirko Zorz In this Help Net Security interview, Vedran Cindric, CEO at Treblle, discusses the exponential growth of AI-related APIs, citing a 96% increase in 2023. He sheds light on the integral role APIs play in powering AI interactions, revealing the invisible

Cybersecurity challenges emerge in the wake of API expansion Read More »

Hackers employ nuanced tactics to evade detection

API security, attacks, bot, Cequence Security, cybercriminals, cybersecurity, News, report / SecurityTicks

Hackers employ nuanced tactics to evade detection 2024-01-02 at 07:01 By Help Net Security Threat actors evolved tactics, opting for a more nuanced approach that spread attacks across a broader timeframe to blend in with legitimate traffic and evade detection during peak holiday shopping times, according to Cequence Security. 2023 holiday season unveiled alarming realities

Hackers employ nuanced tactics to evade detection Read More »

API security in 2024: Predictions and trends

API security, automation, cybersecurity, Don't miss, Expert analysis, Expert corner, Graylog, Hot stuff, News, opinion, Privacy, regulation / SecurityTicks

API security in 2024: Predictions and trends 2023-12-29 at 07:02 By Help Net Security As technology continues to advance at an unprecedented pace, so does the complexity of API (application programming interface) security. With the proliferation of APIs in modern applications and services, organizations will need to develop a better understanding of their API environments

API security in 2024: Predictions and trends Read More »

How AI is revolutionizing “shift left” testing in API security

API security, Application Security, Artificial Intelligence, Cequence Security, cybersecurity, Don't miss, Expert analysis, Expert corner, Hot stuff, News, opinion / SecurityTicks

How AI is revolutionizing “shift left” testing in API security 05/12/2023 at 08:33 By Help Net Security Catching coding errors in API preproduction, before they are spun up and go live is critical in preventing exploitable vulnerabilities. It’s why we’ve seen “shift left” become a significant focus in API development, whereby DevOps takes responsibility for

How AI is revolutionizing “shift left” testing in API security Read More »

Key drivers of software security for financial services

API security, automation, code, cybersecurity, Don't miss, Hot stuff, software, Veracode, Video / SecurityTicks

Key drivers of software security for financial services 01/12/2023 at 07:32 By Help Net Security Nearly 72% of applications in the financial services sector contain security flaws, according to Veracode. Despite the alarming figure, this rate of software vulnerability was the lowest of all industries analyzed and has improved since last year. The research also

Key drivers of software security for financial services Read More »

Rise in automated attacks troubles ecommerce industry

account hijacking, API security, bot, cybercrime, cybercriminals, cybersecurity, data, DDoS, holidays, Imperva, News, online behavior, report, survey / SecurityTicks

Rise in automated attacks troubles ecommerce industry 17/11/2023 at 07:03 By Help Net Security Automated attacks on application business logic, carried out by sophisticated bad bots, were the leading threat for online retailers, according to Imperva. In addition, account takeover, DDoS, API abuse, and client-side attacks were significant risks. The ecommerce industry remains a lucrative

Rise in automated attacks troubles ecommerce industry Read More »

The new imperative in API security strategy

access control, API security, authentication, cybersecurity, News, report, SSO, survey, Wallarm / SecurityTicks

The new imperative in API security strategy 16/11/2023 at 07:01 By Help Net Security Of the 239 vulnerabilities, 33% (79 out of 239) were associated with authentication, authorization and access control (AAA) — foundational pillars of API security, according to Wallarm. Prioritizing AAA principles Open authentication (OAuth), single-sign on (SSO) and JSON Web Token (JWT),

The new imperative in API security strategy Read More »

Financial organizations embrace automation for enhanced security

API security, automation, cybersecurity, financial industry, News, regulation, report, software, training, Veracode / SecurityTicks

Financial organizations embrace automation for enhanced security 03/11/2023 at 07:31 By Help Net Security The security performance of financial applications generally outperforms other industries, with automation, targeted security training, and scanning via Application Programming Interface (API) contributing to a year-over-year reduction in the percentage of applications containing flaws, according to Veracode. Against a backdrop of

Financial organizations embrace automation for enhanced security Read More »

Elevating API security to reinforce cyber defense

API security, cybersecurity, data breach, DDoS, News, Ponemon Institute, report, Traceable AI, zero trust / SecurityTicks

Elevating API security to reinforce cyber defense 11/09/2023 at 06:32 By Help Net Security While APIs are essential to many operations and used extensively, a lack of prioritization and understanding is leading us towards a growing API security crisis, according to a report by Traceable AI and Ponemon Institute. The urgency for API security Within

Elevating API security to reinforce cyber defense Read More »

Is the new OWASP API Top 10 helpful to defenders?

API security, attacks, authentication, automation, bot, Cequence Security, Don't miss, Expert analysis, Expert corner, Hot stuff, News, opinion, OWASP, SSO / SecurityTicks

Is the new OWASP API Top 10 helpful to defenders? 30/08/2023 at 07:32 By Help Net Security The OWASP Foundation’s Top Ten lists have helped defenders focus their efforts with respect to specific technologies and the OWASP API (Application Programming Interface) Security Top 10 2023 is no exception. First drafted five years ago and updated

Is the new OWASP API Top 10 helpful to defenders? Read More »

Understanding how attackers exploit APIs is more important than ever

API security, cybersecurity, Don't miss, Hot stuff, how-to, Intruder, programming, strategy, tips, Video / SecurityTicks

Understanding how attackers exploit APIs is more important than ever 22/08/2023 at 06:32 By Help Net Security In this Help Net Security video, Andy Hornegold, Product Lead at Intruder, dives into API security and explores how several recent high-profile breaches were caused by simple failings – which didn’t require sophisticated security to prevent. The number

Understanding how attackers exploit APIs is more important than ever Read More »

How to handle API sprawl and the security threat it poses

API security, cybersecurity, Don't miss, Expert analysis, Expert corner, F5 Networks, Hot stuff, opinion, vulnerability / SecurityTicks

How to handle API sprawl and the security threat it poses 11/08/2023 at 08:34 By Help Net Security The proliferation of APIs has marked them as prime targets for malicious attackers. With recent reports indicating that API vulnerabilities are costing businesses billions of dollars annually, it’s no wonder they are at the top of mind

How to handle API sprawl and the security threat it poses Read More »

API tools and services are fueling revenue growth

API security, News, Postman, programming, report, software development / SecurityTicks

API tools and services are fueling revenue growth 07/07/2023 at 06:40 By Help Net Security As more companies recognize APIs as the building blocks of modern software, API tools and services are evolving to meet their needs, according to Postman. Adopting an API-first approach “More companies are adopting an API-first approach to software development, and

API tools and services are fueling revenue growth Read More »

Employees worry less about cybersecurity best practices in the summer

API security, Application Security, BYOD, cybersecurity, News, remote working, report, survey, ThreatX / SecurityTicks

Employees worry less about cybersecurity best practices in the summer 30/06/2023 at 04:17 By Help Net Security IT teams are struggling to monitor and enforce BYOD (Bring Your Own Device) policies during summer months when more employees are often traveling or working remotely, according to ThreatX. With more endpoints and applications in use, and often

Employees worry less about cybersecurity best practices in the summer Read More »

The root causes of API incidents and data breaches

API security, cybersecurity, Don't miss, FireTail, Hot stuff, strategy, tips, Video / SecurityTicks

The root causes of API incidents and data breaches 30/05/2023 at 07:40 By Help Net Security API calls make up the majority of our digital lives. Take, for example, the everyday use of a cloud-based food delivery app, which could involve up to 25 API calls. Between the order being placed, transmission to the restaurant,

The root causes of API incidents and data breaches Read More »

The fragmented nature of API security ownership

API security, cybersecurity, Industry news, Traceable AI / SecurityTicks

The fragmented nature of API security ownership 23/05/2023 at 06:34 By Help Net Security While API security remains a top cybersecurity concern this year, there is still an alarming lack of implementation for most companies, according to Traceable AI. Companies overlook API security Companies are struggling with unchecked API sprawl, lack of clarity on who

The fragmented nature of API security ownership Read More »

Attack automation becomes a prevalent threat against APIs

API security, attacks, Cequence Security, CISO, News, report / SecurityTicks

Attack automation becomes a prevalent threat against APIs 16/05/2023 at 16:09 By Help Net Security The second half of 2022 marked a significant turning point in the security landscape. In several high-profile incidents, application programming interfaces (APIs) emerged as a primary attack vector, posing a new and significant threat to organizations’ security posture, according to

Attack automation becomes a prevalent threat against APIs Read More »

Unattended API challenge: How we’re losing track and can we get full visibility

API security, BLST Security, CISO, Cloud, data breach, Don't miss, News, opinion, vulnerability / SecurityTicks

Unattended API challenge: How we’re losing track and can we get full visibility 09/05/2023 at 08:13 By Help Net Security API sprawl is a prevalent issue in modern enterprises, as APIs are being developed and deployed at an unprecedented rate. As highlighted by Postman’s 2022 State of the API Report, “89% of respondents said organizations’

Unattended API challenge: How we’re losing track and can we get full visibility Read More »