API

July 22, 2024

Considering the growing sophistication and frequency of cyberattacks, enterprises must make security a priority when developing new applications. To protect sensitive data and preserve the integrity of corporate operations, it's essential to follow the best practices. This blog discusses the best practices for secure enterprise application development so that your subsequent application development becomes easy, safe, and time effective ...

July 16, 2024

API abuse is rampant, impacting organizations of all sizes and industries ... Despite increasing awareness, many organizations are still in the initial stages of implementing strong API security. Our recent research, the Salt Security State of API Security Report 2024, painted a concerning picture of the current state of the market ...

July 15, 2024

B2B SaaS companies add enormous customer value to their products with built-in integrations to their customers' other tools. These connections reduce friction and streamline tasks. Could your SaaS company use your existing developers to build integrations entirely in-house? Absolutely. But should you? Possibly not ...

June 06, 2024

API security requires a holistic approach to the design, implementation, maintenance, and lifecycle management of all things API. With API traffic making up almost 70% of all Internet traffic, they are a lucrative target for cybercriminals. 84% of organizations admit they don’t currently have advanced API security in their stack, so it’s unsurprising that API-related security incidents cost global businesses as much as $75 billion annually ...

June 03, 2024

There is no way to overestimate the significance of strong application security in the quickly changing digital world ... In this blog, we explore some key trends shaping the landscape of application security testing services in 2023 ...

April 01, 2024

Today, more than 98% of websites around the world use JavaScript as their go-to client-side coding language. But this use introduces challenges — today the average web page has more than 60 third-party scripts that are unmonitored and have uncontrolled access to forms and data anywhere on the page. Here are four examples of challenges businesses are facing as a result ...

March 13, 2024

The number and severity of API attacks and vulnerabilities are increasing according to the API ThreatStats™2024 Report from Wallarm — there was a 30% increase in API-related Common Vulnerabilities and Exposures (CVEs) and security bulletins in 2023 compared to 2022 ...

February 26, 2024

Regardless of what kind of technology you're working with, boosting productivity is pivotal in today's market due to the proliferation of new innovations, the increase of AI, and an increasing consumer demand for a faster time to market. Developer productivity holds immense importance, not merely in coding faster but in making every minute count, particularly when time is constantly working against you ...

February 14, 2024

Everyone can agree that application programming interface (API) security is important, but whose responsibility is it? Many organizations don't have a clear answer — and this presents a major opportunity for developers to step up into an important new role: API champion ...

February 01, 2024

The acceleration of digital transformation and subsequent rise in API, containerization, and multi-cloud deployments are creating a dynamic attack surface that's growing increasingly complex. Maintaining visibility to keep track of new, changed, unmanaged, or insecure APIs grows increasingly difficult ...

January 10, 2024

While developers are facing internal pressure to build next-generation applications at astronomical speed, security teams are wrangling with an increasingly volatile cyber threat landscape, growing consumer concerns for applications built to secure their data, and the broad surface of threats they have to cover along with API security ... In most instances, the roadblocks faced by both teams comes down to a lack of clear communication and the absence of workflow policies and procedures, which often prove detrimental.So how can organizations start to bridge this gap and enable these teams to perform together at the highest level? ...

December 05, 2023

Part 2 covers application development: In 2024, composable applications will gain prominence as organizations seek faster development cycles, scalability, and cost efficiency ...

November 29, 2023

The OWASP Foundation updated the API Security Top 10 list for 2023, outlining the most critical security risks for APIs in production. The updated guidance highlights just how much the API security landscape has changed since the original list was published in 2019 — including the rapid rise of business logic attacks (BLAs). Three of the top five categories on the Top 10 list are now related to business logic abuse, compared to just two in 2019. The updated list underscores the fact that if organizations want to bolster their API security, implementing safeguards capable of detecting and remediating abuse of business logic needs to be a priority ...

November 08, 2023

The marriage between AI and API security seems like an odd pairing at first. Dubbed a threat to API security, generative AI applications can be easily customized to create and run multiple scenarios to expose weaknesses in APIs. Moreover, given the right datasets, hackers can train AI to plan and execute attacks that evade traditional API security solutions. However, those qualities make artificial intelligence and machine learning the technology that may be missing in your API security stack ...

November 06, 2023

In the battle to secure APIs, many organizations are losing. The reason being that many organizations don't know the extent of API risk. From complacency in creating comprehensive security risk profiles for APIs, failing to pinpoint API endpoints managing sensitive data without adequate authentication, and deferring finding a consensus on who should own the responsibility of API security, organizations are coming up short ...

October 31, 2023

While most may be scared of goblins and ghouls this Halloween, the real threat to enterprise organizations this spooky season are zombie APIs. Though it may be Halloween, developer and security teams are spooked year round by these undetected threats. According to a recent report, approximately 92% of organizations have been impacted by at least one API security-related incident in the past 12 months, while 57% reported experiencing multiple API security incidents in the same time frame ...

October 30, 2023

It's understood that APIs are essential building blocks of modern software. But are APIs products in their own right, ones that can produce revenue? Most API developers and professionals say yes, with 60% viewing their APIs as products, according to Postman's 2023 State of the API Report ...

October 24, 2023

The majority (75%) of organizations typically change or update their APIs on a daily or weekly basis, creating a significant challenge for protecting the changing API attack surface, according to Securing the API Attack Surface, a report from Data Theorem and ESG ...

October 11, 2023

With the rapid increase in API usage also comes an increase in malicious actors targeting APIs as a gateway to customer and company data. That's why ensuring that your API integrations are safe is no longer simply a technical requirement, it is a responsibility that developers and organizations cannot take lightly. Here are three ways to ensure that your next API integration doesn't leave you, or your users, vulnerable ...

September 14, 2023

API security should be a key part of any organization's security strategy today; however, it's often overlooked. APIs make up 83 percent of all web traffic, and they play a vital role in nearly all modern mobile and web applications, as well as containers and microservices. APIs are designed to be accessed by third parties, which exposes them to a broader spectrum of potential attacks compared to traditional web applications ...

September 07, 2023

APIs don't exist in a vacuum — they need a way to be tied to your backend systems. This is where a multi-function iPaaS can assist. When combined with the power of API governance to support DevOps, you've just equipped your team with its version of Batman and Robin, the heroes of your organization's digital transformation ...

August 16, 2023

Developers are leveraging a variety of tools, platforms, languages, and services to deliver more sophisticated features and functionality. However, every additional component used to build an application increases the size of the attack surface and the risk of an attack. Threat actors have a greater chance of discovering a vulnerability, misconfiguration, or bug that can serve as a toehold into the environment ...

August 09, 2023

Fraud detection, typically seen as a solution outside of cybersecurity, has taken on a new dimension in recent times. Digital fraud has emerged as a significant threat to businesses and individuals alike. APIs play a pivotal role in this landscape, often serving as the gateway for fraudulent activities ... As the sophistication and frequency of digital fraud continue to rise, understanding the connection between API security and fraud has never been more critical ...

August 01, 2023

APIs are incredibly important in today's digital landscape. They play a crucial role in enabling communication and interaction between different software applications, systems, and services. Due to the increasing reliance on APIs, they have gradually become the top target for hackers. As such, enterprises are placing more emphasis on API security to protect the integrity of data and services, build trust and confidence, and mitigate future risks ...

July 26, 2023

More companies are adopting an API-first approach to software development, and ... outperforming organizations that haven't. Beyond the technical advantages, organizations are also seeing a direct impact on their bottom line, reporting their APIs as revenue generators ...

Pages