Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

API

salt security

The Dell API Breach: It could have been prevented

May 17, 2024 By Hadar Freehling In Salt Security
As you may have seen in the news, a hacker stole 49 million customer records from Dell. The attack wasn’t novel or sophisticated. Instead, the attacker used a business logic flaw and an API to scrape 49 million records from Dell. How did they do it? Here is the attack flow. The attacker registered for an account within the Dell ecosystem to be a reseller/partner. They weren’t going to be. But Dell didn’t perform any checks, and within 48 hours, the attacker had a valid account.
Read Post

How to Protect Your Business From API Data Leaks

May 16, 2024 By Panoptica In Panoptica
Application Programming Interfaces (APIs) are rapidly becoming the primary attack vector for cloud native applications. In fact, according to one study, 92% of organizations have already experienced a security incident resulting from insecure APIs. This is because loosely coupled microservices predominantly intercommunicate via APIs. In this video, we will analyze a ‘ripped from the headlines’ case-study example of data leakage via insecure APIs. Then we will examine various API vulnerabilities that can be exploited by attackers to enable data leaks, including Broken User Authentication (BUA), Broken Object Level Authentication (BOLA), and Broken Function-Level Authentication (BFLA).
View Video

Discover 3 Key Benefits of Brivo's API Integrations!

May 10, 2024 By Brivo In Brivo
Effortlessly streamline your security tasks, ensuring smooth operations and peace of mind! Tailor your security setup to fit your unique needs, unlocking endless possibilities! Elevate your facility's capabilities while prioritizing safety at every turn! Unlock the power of Brivo's API integrations today and revolutionize your security approach! #Brivo #SecurityIntegration #safetyfirst.
View Video
noname security

Embed API Security Into Regulatory Compliance: Six Examples to Watch

May 9, 2024 By John Natale In Noname Security
Why have forty-four percent of enterprises been fined by regulators due to API security incidents? Regulators are beginning to see what attackers already know: exposed or misconfigured APIs are prevalent, easy to compromise, and often unprotected. Every time a customer, partner, or vendor engages with your business digitally, there’s an API behind the scenes facilitating a rapid exchange of data, often sensitive.
Read Post
salt security

Enabling GenAI with AI-infused API Security

May 7, 2024 By Michael Callahan In Salt Security
GenAI has the promise to transform companies, and introduce a lot of security risk. One of the main benefits of GenAI relates to the modernization of apps. Most companies are going through some type of app modernization. They are responding to the market by delivering better and better experiences to their customers. This is largely done through the experience people have with their apps. This ranges from banking to healthcare to travel and everywhere in between.
Read Post
wallarm

Best API Security Product: Wallarm wins 2024 Cybersecurity Excellence Award

May 7, 2024 By Wallarm In Wallarm
We are thrilled to announce that Wallarm has clinched the sought-after 2024 Cybersecurity Excellence Award, under the category Best API Security Product. Our unwavering commitment to pioneering solutions that safeguard digital ecosystems, and fortify API security amidst the evolving cyber threat landscape, has garnered industry-wide recognition. This accolade reaffirms Wallarm's position at the forefront of cybersecurity innovation, empowering businesses with confidence and resilience.
Read Post
wallarm

Tracking CVE-2024-2876: Why does the latest WordPress exploit compromise over 90,000 websites?

May 6, 2024 By Wallarm In Wallarm
A highly concerning security loophole was recently discovered in a WordPress plugin called "Email Subscribers by Icegram Express," a popular tool utilized by a vast network of over 90,000+ websites. Officially designated as CVE-2024-2876 with a CVSS score of 9.8 (critical), the vulnerability represents a significant threat as it exposes numerous websites to potential attacks.
Read Post
noname security

Noname Security Platform Updates: 3.30 Release

May 2, 2024 By Stas Neyman In Noname Security
The latest Noname Security 3.30 update includes a new feature that allows for convenient tracking of attacker IP addresses, as well as improved options for triggering workflows to resolve attacks faster. Additionally, the process of installing Noname Remote Engine on local Kubernetes clusters has been simplified.
Read Post
wallarm

Introducing the Wallarm Q1 2024 API ThreatStats Report

Apr 30, 2024 By Wallarm In Wallarm
As we have in previous editions of the ThreatStats report, we highlight the industry’s top API-related attacks and trends. New to this version, however, is a detailed analysis of API attacks targeting AI-based applications, representing a new and rapidly expanding threat vector. And while we encourage you to download the full report, here are some key observations about what you’ll find within. API threats to AI applications are clearly on the rise.
Read Post
Subscribe to API

Copyright © 2024 OpsMatters™. All rights reserved.