API Discovery – Common Topics We’re Asked About
This article is the first in a series of six covering key API security topics and provides some answers to common questions we often get when talking to potential customers. This series will cover the following topics: API Discovery (this article) API Posture Management Attack Protection API Security Testing Attack ... Read More
eBPF for API Security: The Devil’s in the Details
Application Programming Interfaces (APIs) facilitate seamless communication and data exchange between various software components, forming the connective tissue between modern enterprise applications. With the increasing dependence on applications and APIs, robust security measures are essential. The extended Berkeley Packet Filter (eBPF) is a promising technology for API security and traffic ... Read More
API Security Best Practices: Using OpenAPI to Improve API Security
The adoption of API specification frameworks like OpenAPI (OAS) encourages documentation best practices resulting in higher quality, more consistent API coding and improved API security. Historically, APIs were designed for machine-to-machine communications, and were rarely documented resulting in lower quality APIs and making it difficult to achieve the goals of ... Read More
3 Steps to Shielding Right While Shifting Left for API Protection
Most organizations have seen exponential growth in API usage in the last few years, driven by a rapid increase in mobile applications, containers, serverless computing, microservices architectures, and cloud adoption. However, APIs are a double-edged sword – bringing the benefits of rapid development and ease of integration to both the ... Read More
3 Steps to Shielding Right While Shifting Left for API Protection
Most organizations have seen exponential growth in API usage in the last few years, driven by a rapid increase in mobile applications, containers, serverless computing, microservices architectures, and cloud adoption. However, APIs are a double-edged sword – bringing the benefits of rapid development and ease of integration to both the ... Read More
Shield Right While Shifting Left to Eliminate FDX API Security Gaps at Runtime
As a member of the FDX (Financial Data Exchange) working group, I recently participated in a panel discussion at the FDX Spring Summit. The topic was how you should shield right as you shift left to protect data transmitted across the FDX API. To add more context to the discussion, ... Read More
Shield Right While Shifting Left to Eliminate FDX API Security Gaps at Runtime
As a member of the FDX (Financial Data Exchange) working group, I recently participated in a panel discussion at the FDX Spring Summit. The topic was how you should shield right as you shift left to protect data transmitted across the FDX API. To add more context to the discussion, ... Read More
The Open Banking API Security Imperative
The second Payment Services Directive (PSD2) in Europe, which requires banks to open their payment services to third parties via a series of APIs, has enabled a range of new FinTech products that make it easier for consumers and businesses to manage their finances. Meanwhile, in North America, there is ... Read More
API Security Need-to-Know: Ramifications of Weak API Authentication
In today’s blog, we will discuss the ramifications of unauthenticated APIs using the recently published ZIPNet vulnerability. ZIPNet is an online application operated by Law Enforcement Authorities in India to share Crime and Criminal information in real time. This includes a registry of reported crimes, wanted criminals, and proclaimed offenders, ... Read More