APIs are vital to the financial sector, enabling seamless interactions and efficient operations. However, recent high-profile breaches highlight the urgent need for stronger API security. Financial institutions, in particular, are prime targets for cybercriminals, due to the sensitive nature of the data they handle. The exposure of such sensitive data through APIs can have severe consequences ...
API
September 19, 2024
September 05, 2024
Another RSA Conference has come and gone, but not without imparting the wisdom of its attendees who took part in Traceable AI's second annual survey ... The results from this year's survey portrayed a clear message: organizations are struggling to keep up with the continuously evolving challenges of API security ...
August 19, 2024
Platform Engineering is not new. However, as API management becomes more critical and complicated, connecting the world, platform engineering is also evolving to be a vital component of modern digital business. API developers play a crucial role in creating, managing, and scaling APIs to meet the demands of their organizations and customers. What should developers understand about the current state of platform engineering? ...
July 29, 2024
Security teams are struggling to keep pace with the risks posed by organizations' dependency on modern applications — the technology that underpins all of today's most used sites, according to Cloudflare's State of Application Security 2024 Report ...
July 22, 2024
Considering the growing sophistication and frequency of cyberattacks, enterprises must make security a priority when developing new applications. To protect sensitive data and preserve the integrity of corporate operations, it's essential to follow the best practices. This blog discusses the best practices for secure enterprise application development so that your subsequent application development becomes easy, safe, and time effective ...
July 16, 2024
API abuse is rampant, impacting organizations of all sizes and industries ... Despite increasing awareness, many organizations are still in the initial stages of implementing strong API security. Our recent research, the Salt Security State of API Security Report 2024, painted a concerning picture of the current state of the market ...
July 15, 2024
B2B SaaS companies add enormous customer value to their products with built-in integrations to their customers' other tools. These connections reduce friction and streamline tasks. Could your SaaS company use your existing developers to build integrations entirely in-house? Absolutely. But should you? Possibly not ...
June 06, 2024
API security requires a holistic approach to the design, implementation, maintenance, and lifecycle management of all things API. With API traffic making up almost 70% of all Internet traffic, they are a lucrative target for cybercriminals. 84% of organizations admit they don’t currently have advanced API security in their stack, so it’s unsurprising that API-related security incidents cost global businesses as much as $75 billion annually ...
June 03, 2024
There is no way to overestimate the significance of strong application security in the quickly changing digital world ... In this blog, we explore some key trends shaping the landscape of application security testing services in 2023 ...
April 01, 2024
Today, more than 98% of websites around the world use JavaScript as their go-to client-side coding language. But this use introduces challenges — today the average web page has more than 60 third-party scripts that are unmonitored and have uncontrolled access to forms and data anywhere on the page. Here are four examples of challenges businesses are facing as a result ...
March 13, 2024
The number and severity of API attacks and vulnerabilities are increasing according to the API ThreatStats™2024 Report from Wallarm — there was a 30% increase in API-related Common Vulnerabilities and Exposures (CVEs) and security bulletins in 2023 compared to 2022 ...
February 26, 2024
Regardless of what kind of technology you're working with, boosting productivity is pivotal in today's market due to the proliferation of new innovations, the increase of AI, and an increasing consumer demand for a faster time to market. Developer productivity holds immense importance, not merely in coding faster but in making every minute count, particularly when time is constantly working against you ...
February 14, 2024
Everyone can agree that application programming interface (API) security is important, but whose responsibility is it? Many organizations don't have a clear answer — and this presents a major opportunity for developers to step up into an important new role: API champion ...
February 01, 2024
The acceleration of digital transformation and subsequent rise in API, containerization, and multi-cloud deployments are creating a dynamic attack surface that's growing increasingly complex. Maintaining visibility to keep track of new, changed, unmanaged, or insecure APIs grows increasingly difficult ...
January 10, 2024
While developers are facing internal pressure to build next-generation applications at astronomical speed, security teams are wrangling with an increasingly volatile cyber threat landscape, growing consumer concerns for applications built to secure their data, and the broad surface of threats they have to cover along with API security ... In most instances, the roadblocks faced by both teams comes down to a lack of clear communication and the absence of workflow policies and procedures, which often prove detrimental.So how can organizations start to bridge this gap and enable these teams to perform together at the highest level? ...
December 05, 2023
Part 2 covers application development: In 2024, composable applications will gain prominence as organizations seek faster development cycles, scalability, and cost efficiency ...
Updated OWASP Top 10 for API Security Underscores the Challenge of Mitigating Business Logic Attacks
November 29, 2023
The OWASP Foundation updated the API Security Top 10 list for 2023, outlining the most critical security risks for APIs in production. The updated guidance highlights just how much the API security landscape has changed since the original list was published in 2019 — including the rapid rise of business logic attacks (BLAs). Three of the top five categories on the Top 10 list are now related to business logic abuse, compared to just two in 2019. The updated list underscores the fact that if organizations want to bolster their API security, implementing safeguards capable of detecting and remediating abuse of business logic needs to be a priority ...
November 08, 2023
The marriage between AI and API security seems like an odd pairing at first. Dubbed a threat to API security, generative AI applications can be easily customized to create and run multiple scenarios to expose weaknesses in APIs. Moreover, given the right datasets, hackers can train AI to plan and execute attacks that evade traditional API security solutions. However, those qualities make artificial intelligence and machine learning the technology that may be missing in your API security stack ...
November 06, 2023
In the battle to secure APIs, many organizations are losing. The reason being that many organizations don't know the extent of API risk. From complacency in creating comprehensive security risk profiles for APIs, failing to pinpoint API endpoints managing sensitive data without adequate authentication, and deferring finding a consensus on who should own the responsibility of API security, organizations are coming up short ...
October 31, 2023
While most may be scared of goblins and ghouls this Halloween, the real threat to enterprise organizations this spooky season are zombie APIs. Though it may be Halloween, developer and security teams are spooked year round by these undetected threats. According to a recent report, approximately 92% of organizations have been impacted by at least one API security-related incident in the past 12 months, while 57% reported experiencing multiple API security incidents in the same time frame ...
October 30, 2023
It's understood that APIs are essential building blocks of modern software. But are APIs products in their own right, ones that can produce revenue? Most API developers and professionals say yes, with 60% viewing their APIs as products, according to Postman's 2023 State of the API Report ...
October 24, 2023
The majority (75%) of organizations typically change or update their APIs on a daily or weekly basis, creating a significant challenge for protecting the changing API attack surface, according to Securing the API Attack Surface, a report from Data Theorem and ESG ...
October 11, 2023
With the rapid increase in API usage also comes an increase in malicious actors targeting APIs as a gateway to customer and company data. That's why ensuring that your API integrations are safe is no longer simply a technical requirement, it is a responsibility that developers and organizations cannot take lightly. Here are three ways to ensure that your next API integration doesn't leave you, or your users, vulnerable ...
September 14, 2023
API security should be a key part of any organization's security strategy today; however, it's often overlooked. APIs make up 83 percent of all web traffic, and they play a vital role in nearly all modern mobile and web applications, as well as containers and microservices. APIs are designed to be accessed by third parties, which exposes them to a broader spectrum of potential attacks compared to traditional web applications ...
September 07, 2023
APIs don't exist in a vacuum — they need a way to be tied to your backend systems. This is where a multi-function iPaaS can assist. When combined with the power of API governance to support DevOps, you've just equipped your team with its version of Batman and Robin, the heroes of your organization's digital transformation ...
