Knowing Your APIs Securing Them #APIvisibility #APImanagement #DevSecOps
You might know how many APIs you have—but are you keeping them up to date, secured, and monitored? Visibility is just the beginning.
Security | Threat Detection | Cyberattacks | DevSecOps | Compliance
The Latest Cybersecurity News & Insights From Around The World
Debunking API Security Myths
I recently sat down with Tejpal Garwhal, Application Security and DevSecOps Leader, for a conversation debunking some of the most common API security myths. From zombie endpoints to the limits of WAFS and gateways, we covered what’s really happening on the ground; and what security teams need to do differently. Here’s a quick rundown of the key takeaways, but for the full picture, watch the full webinar.
Fail-Open Architecture for Secure Inline Protection on Azure
Every inline deployment introduces a tradeoff: enhanced inspection versus increased risk of downtime. Inline protection is important, especially for APIs, which are now the most targeted attack surface, but so is consistent uptime and performance. This is where a fail-open architecture comes in.
CISO Spotlight: Andrew Storms on Trust, AI, and Why CISOs Need to Be Optimists
Andrew Storms, VP of Security at Replicated, has spent three decades on the frontlines of cybersecurity. From building Unix systems in the early ‘90s to leading incident response and AI security strategies today, he has seen the CISO role evolve from back-office function to boardroom mainstay. In this spotlight, he shares the lessons that shaped his thinking, why storytelling is a critical CISO skill, and how API security is no longer optional.
Too Many APIs, Too Little Control #APIsprawl #Visibility #DevOps
By 2025, over half of enterprise APIs may go unmanaged. The faster we build, the harder it is to see what’s running.
Understanding the NCSC's New API Security Guidance
Legislative, regulatory, and advisory bodies the world over are waking up to the importance of API security. Most recently, the UK’s National Cyber Security Centre (NCSC) has published detailed guidance on best practices for building and maintaining secure APIs. In this blog, we’ll break down that guidance and explore how Wallarm’s platform can help you align with each one.
How AI Supercharges the API Threat Landscape AIsecurity #APIs #APIexplosion
AI is revolutionizing how we build software—but it’s also driving rapid, unsecured API growth. Learn how AI agents connect systems fast...
Inside the AI Threat Landscape: From Jailbreaks to Prompt Injections and Agentic AI Risks
AI has officially moved out of the novelty phase. What began with people messing around with LLM-powered GenAI tools for content creation has rapidly evolved into a complex web of agentic AI systems that form a critical part of the modern corporate landscape. However, this transformation has given new life to old threats, transforming the API security landscape all over again.
API Iceberg: The Hidden Risk Lurking Below the Surface #APIsecurity #InternalAPIs #HiddenRisk
Most security teams focus on public APIs—but what about the internal ones you can’t see? As architectures evolve, hidden APIs become silent threats.
What CISA's BOD 25-01 Means for API Security and How Wallarm Can Help
The US government has taken another significant step towards strengthening cloud security with the release of CISA’s Binding Operational Directive (BOD) 25-01. Aimed at improving the security posture of federal cloud environments, BOD 25-01 mandates robust configuration, visibility, and control across cloud-based services. While the directive doesn’t explicitly name API security, securing modern cloud systems relies on securing APIs - including the ones security teams don’t know about.