API security warrants its own specific solution

Application programming interfaces (APIs) enable developers to quickly and easily roll-out services but they’re also equally attractive to attackers. This is because they can …

What is wrong with developer security training?

“Turn a developer into a hacker” is a commonly heard call. There are many online courses and trainings that ostensibly teach developers how to write code that’s …

Why XSS is still an XXL issue in 2021

Cross-site scripting (XSS) attacks take advantage of coding flaws in the way websites or web applications generate input from users. Despite their longstanding reputation as a …