API security
Autoswagger: Open-source tool to expose hidden API authorization flaws
Autoswagger is a free, open-source tool that scans OpenAPI-documented APIs for broken authorization vulnerabilities. These flaws are still common, even at large enterprises …
CISOs urged to fix API risk before regulation forces their hand
Most organizations are exposing sensitive data through APIs without security controls in place, and they may not even realize it, according to Raidiam. Their report draws on a …
Identifying high-risk APIs across thousands of code repositories
In this Help Net Security interview, Joni Klippert, CEO of StackHawk, discusses why API visibility is a major blind spot for security teams, how legacy tools fall short, and …
How to find out if your AI vendor is a security risk
One of the most pressing concerns with AI adoption is data leakage. Consider this: An employee logs into their favorite AI chatbot, pastes sensitive corporate data, and asks …
The API security crisis and why businesses are at risk
In this Help Net Security video, Ivan Novikov, CEO of Wallarm, discusses the 2025 API ThreatStats Report, highlighting how APIs have become the primary attack surface over the …
89% of AI-powered APIs rely on insecure authentication mechanisms
APIs have emerged as the predominant attack surface over the past year, with AI being the biggest driver of API security risks, according to Wallarm. “Based on our findings, …
API security blind spots put businesses at risk
Many customer-facing APIs remain unprotected, leaving businesses vulnerable to breaches. To address these threats, a comprehensive approach to API security, covering every …
Exposed APIs and issues in the world’s largest organizations
In this Help Net Security video, Tristan Kalos, CEO of Escape, discusses the results of its 2024 State of API Exposure report. The study highlights significant API security …
AI’s impact on the future of web application security
In this Help Net Security interview, Tony Perez, CEO at NOC.org, discusses the role of continuous monitoring for real-time threat detection, the unique risks posed by APIs, …
How AI will shape the next generation of cyber threats
In this Help Net Security interview, Buzz Hillestad, CISO at Prismatic, discusses how AI’s advancement reshapes cybercriminal skillsets and lowers entry barriers for …
Product showcase: Shift API security left with StackHawk
With the proliferation of APIs, and the speed at which AI functionality is helping fuel innovation, a strategic approach for securing APIs is no longer a nice to have, it’s a …
The dark side of API security
APIs are the backbone of digital transformation efforts, connecting applications across organizations, so their security is of the utmost importance. In this Help Net Security …
Featured news
Resources
Don't miss
- What makes a security program mature and how to get there faster
- EntraGoat: Vulnerable Microsoft Entra ID infrastructure to simulate identity security misconfigurations
- Win-DDoS: Attackers can turn public domain controllers into DDoS agents
- How Brandolini’s law informs our everyday infosec reality
- From legacy to SaaS: Why complexity is the enemy of enterprise security