AI-fueled attacks and hyperconnected IT environments have made threat exposure one of the most urgent cybersecurity challenges facing enterprises today. In response, Check Point® Software Technologies Ltd.(link is external) announced a definitive agreement to acquire Veriti Cybersecurity, the first fully automated, multi-vendor pre-emptive threat exposure and mitigation platform.
Noname Security Supports New OWASP API Security Top 10
August 30, 2023
Noname Security announced its API security platform now fully supports the 2023 OWASP API Security Top 10 risk categories.
With this new integration Noname Security reinforces its position as the leader in API Security by natively supporting both the 2019 and 2023 frameworks to help customers fight against the ever-evolving threats targeting APIs.
Noname’s API Security Platform detects OWASP API Top 10 related vulnerabilities across the widest possible set of sources including log files, replays of historical traffic, configuration files, and more. This allows customers to find and remediate critical issues like excessive data exposure, broken authentication, lack of resources, and rate limiting, among others.
“APIs have many stakeholders, and frameworks like the OWASP API Security Top 10 allow diverse groups across teams to come together and speak the same language,” said Oz Golan, CEO and Co-Founder of Noname Security. “The integration of the 2023 OWASP API Security Top 10 into our platform is a strategic step in helping organizations tackle API security concerns and incorporate API security as part of their broader application security conversations.”
Issued by the Open Worldwide Application Security Project (OWASP), the OWASP API Security Top 10 list serves as a vital resource for identifying the most critical security risks threatening API environments. These vulnerabilities, if left unchecked, can expose sensitive data, compromise user privacy, and wreak havoc on the integrity of software systems.
Originally published in 2019, the OWASP API Security Top 10 was officially updated in June of 2023 with a number of changes to reflect the shifting dynamics of the API security landscape. Besides some consolidated categories, the latest release also includes three new categories including:
- Unrestricted Access to Sensitive Business Flows (API6:2023) – This category is centered on bots and is an indication of the way security vendors influenced the list and their priorities.
- Server Side Request Forgery (API7:2023) – This is new to the API Security Top 10 list and is a common vulnerability in security, whereby a client can redirect the server to somewhere not under its own purview, leading to potential external vulnerabilities.
- Unsafe Consumption of APIs (API10: 2023) – This category is focused on third party APIs and the difference in inherit trust by developers when consuming them versus custom in-house APIs.
Industry News
May 27, 2025
May 27, 2025
LambdaTest announced the launch of its Automation MCP Server, a solution designed to simplify and accelerate the process of triaging test failures.
May 27, 2025
DefectDojo announced the launch of their next-gen Security Operations Center (SOC) capabilities for DefectDojo Pro, which provides both SOC and AppSec professionals a unified platform for noise reduction and prioritization of SOC alerts and AppSec findings.
May 22, 2025
Check Point® Software Technologies Ltd.(link is external) has been recognized on Newsweek’s 2025 list of America’s Best Cybersecurity Companies(link is external).
May 22, 2025
Red Hat announced enhanced features to manage Red Hat Enterprise Linux.
May 22, 2025
StackHawk has taken on $12 Million in additional funding from Sapphire and Costanoa Ventures to help security teams keep up with the pace of AI-driven development.
May 21, 2025
Red Hat announced jointly-engineered, integrated and supported images for Red Hat Enterprise Linux across Amazon Web Services (AWS), Google Cloud and Microsoft Azure.
May 21, 2025
Komodor announced the integration of the Komodor platform with Internal Developer Portals (IDPs), starting with built-in support for Backstage and Port.
May 21, 2025
Operant AI announced Woodpecker, an open-source, automated red teaming engine, that will make advanced security testing accessible to organizations of all sizes.
May 21, 2025
As part of Summer '25 Edition, Shopify is rolling out new tools and features designed specifically for developers.
May 21, 2025
Lenses.io announced the release of a suite of AI agents that can radically improve developer productivity.
May 20, 2025
Google unveiled a significant wave of advancements designed to supercharge how developers build and scale AI applications – from early-stage experimentation right through to large-scale deployment.
May 20, 2025
Red Hat announced Red Hat Advanced Developer Suite, a new addition to Red Hat OpenShift, the hybrid cloud application platform powered by Kubernetes, designed to improve developer productivity and application security with enhancements to speed the adoption of Red Hat AI technologies.
May 20, 2025
Perforce Software announced Perforce Intelligence, a blueprint to embed AI across its product lines and connect its AI with platforms and tools across the DevOps lifecycle.
May 20, 2025
CloudBees announced CloudBees Unify, a strategic leap forward in how enterprises manage software delivery at scale, shifting from offering standalone DevOps tools to delivering a comprehensive, modular solution for today’s most complex, hybrid software environments.
