MindAPI makes API security research and testing easier
Security researcher David Sopas has published a new open-source project: MindAPI, a mind map with resources for making API security research easier. “I love mind maps. …
API security
80% of security leaders would like more control over their API security
There are major gaps in API security based on insights from over 100 senior security leaders at large enterprises in the United States and Europe, an Imvision report reveals. …
Protecting the digital workplace with an integrated security strategy
COVID-19 propelled the world of IT years into the future. Organizations considering long-term digital transformation plans were abruptly forced to accelerate their timeline, …
C-level executives driving the adoption of MACH across their organizations
Out with the old, in with MACH. That’s what a poll of global IT leaders found regarding their plans to revamp, or retain, their enterprise architectures. The research, …
mHealth apps consistently expose PII and PHI through APIs
All of the 30 popular mHealth apps that were tested are vulnerable to API attacks that can allow unauthorized access to full patient records including protected health …
API security concerns hindering new application rollouts
66% of organizations admit to having slowed the rollout of a new application into production because of API security concerns, a Salt Security report reveals. In addition, 54% …
Organizations struggle to maintain application security across platforms
Global organizations are struggling to maintain consistent application security across multiple platforms, and they are also losing visibility with the emergence of new …
40% of COVID-19 contact tracing apps lack basic protections
Guardsquare announced the release of a report which reassesses the levels of security protections and privacy risks of COVID-19 contact tracing apps. The report found that of …
Three immediate steps to take to protect your APIs from security risks
In one form or another, APIs have been around for years, bringing the benefits of ease of use, efficiency and flexibility to the developer community. The advantage of using …
Credential stuffing is just the tip of the iceberg
Credential stuffing attacks are taking up a lot of the oxygen in cybersecurity rooms these days. A steady blitz of large-scale cybersecurity breaches in recent years have …
Swap Detector: Open source tool for detecting API usage errors
GrammaTech has released Swap Detector, an open source tool that enables developers and DevOps teams to identify errors due to swapped function arguments, which can also be …
Meetup vulnerabilities enabled group takeovers, payment redirections
Two high-risk vulnerabilities in Meetup, a popular online service that’s used to create groups that host local in-person events, allowed attackers to easily take over …
