API security
![API](https://img.helpnetsecurity.com/wp-content/uploads/2023/06/26141959/api2-400x200.jpg)
APIs are increasingly becoming attractive targets
APIs, a technology that underpins today’s most used sites and apps, are being leveraged by businesses more than ever—ultimately opening the door to more online threats than …
![large language models](https://img.helpnetsecurity.com/wp-content/uploads/2023/07/11160752/llms-2-400x200.jpg)
Top LLM vulnerabilities and how to mitigate the associated risk
As large language models (LLMs) become more prevalent, a comprehensive understanding of the LLM threat landscape remains elusive. But this uncertainty doesn’t mean progress …
![Vedran Cindric](https://img.helpnetsecurity.com/wp-content/uploads/2023/12/15113322/vedran_cindric-2-treblle-400x200.jpg)
Cybersecurity challenges emerge in the wake of API expansion
In this Help Net Security interview, Vedran Cindric, CEO at Treblle, discusses the exponential growth of AI-related APIs, citing a 96% increase in 2023. He sheds light on the …
![gift](https://img.helpnetsecurity.com/wp-content/uploads/2024/01/18140248/gift-dark-400x200.jpg)
Hackers employ nuanced tactics to evade detection
Threat actors evolved tactics, opting for a more nuanced approach that spread attacks across a broader timeframe to blend in with legitimate traffic and evade detection during …
![API](https://img.helpnetsecurity.com/wp-content/uploads/2023/05/02151220/api-400x200.jpg)
API security in 2024: Predictions and trends
As technology continues to advance at an unprecedented pace, so does the complexity of API (application programming interface) security. With the proliferation of APIs in …
![API](https://img.helpnetsecurity.com/wp-content/uploads/2023/06/26141959/api2-400x200.jpg)
How AI is revolutionizing “shift left” testing in API security
Catching coding errors in API preproduction, before they are spun up and go live is critical in preventing exploitable vulnerabilities. It’s why we’ve seen “shift left” become …
![software](https://img.helpnetsecurity.com/wp-content/uploads/2023/08/19151905/software-dev-400x200.jpg)
Key drivers of software security for financial services
Nearly 72% of applications in the financial services sector contain security flaws, according to Veracode. Despite the alarming figure, this rate of software vulnerability was …
![GenAI](https://img.helpnetsecurity.com/wp-content/uploads/2023/10/27101941/genai3-400x200.jpg)
Rise in automated attacks troubles ecommerce industry
Automated attacks on application business logic, carried out by sophisticated bad bots, were the leading threat for online retailers, according to Imperva. In addition, …
![API](https://img.helpnetsecurity.com/wp-content/uploads/2023/06/26142004/api1-400x200.jpg)
The new imperative in API security strategy
Of the 239 vulnerabilities, 33% (79 out of 239) were associated with authentication, authorization and access control (AAA) — foundational pillars of API security, according …
![money](https://img.helpnetsecurity.com/wp-content/uploads/2019/05/09094415/money-1-400x200.jpg)
Financial organizations embrace automation for enhanced security
The security performance of financial applications generally outperforms other industries, with automation, targeted security training, and scanning via Application …
![API](https://img.helpnetsecurity.com/wp-content/uploads/2023/06/26142004/api1-400x200.jpg)
Elevating API security to reinforce cyber defense
While APIs are essential to many operations and used extensively, a lack of prioritization and understanding is leading us towards a growing API security crisis, according to …
![API](https://img.helpnetsecurity.com/wp-content/uploads/2023/06/26142001/api3-400x200.jpg)
Is the new OWASP API Top 10 helpful to defenders?
The OWASP Foundation’s Top Ten lists have helped defenders focus their efforts with respect to specific technologies and the OWASP API (Application Programming Interface) …
Featured news
Sponsored
Don't miss
- Progress fixes critical RCE flaw in Telerik Report Server, upgrade ASAP! (CVE-2024-6327)
- Docker fixes critical auth bypass flaw, again (CVE-2024-41110)
- Learning from CrowdStrike’s quality assurance failures
- BIND 9.20 released: Enhanced DNSSEC support, application infrastructure improvements
- How CISOs enable ITDR approach through the principle of least privilege