We have breaking news! Today we’re launching our Salt Technical Ecosystem Partner (STEP) Program, to accelerate how we can tap the deep API insights of the Salt platform to enrich the API ecosystem.
The JumpCloud incident highlights the fact that organizations must be aware of risks in regards to their cloud service providers.
In our new White Paper, we have taken a close look at the MITRE ATT&CK Enterprise Matrix – essentially a superset of all the matrices.
WAAPs are more advanced than WAFs, and play an important role in an organization’s larger API security strategy, but still don’t and can’t holistically solve the problem of API security.
In general, most API data breaches are usually the result of one or a combination of four different attack scenarios.
Third-party APIs contribute to a sprawling API attack surface and can be a security risk if they are not properly inventoried, governed, tested, monitored, or maintained.
Zombies, Shadows, and Ghosts hide in plain sight as APIs in your infrastructure, quietly extending your attack surface, patiently waiting to be called upon by some black hat.
As attackers have jumped on the API bandwagon, API threats have also changed, contributing further to the risks and demanding a new approach to protect APIs.