Subscribe to the Salt blog

Privacy Policy

Learn about the Salt + CrowdStrike Falcon integration

Learn more
Posts Tagged

API Attack Prevention

Subscribe to Salt blog

4 Things to Know about Your Car and API Security

Technology has advanced incredibly fast in the automotive field, and manufacturers are developing new applications quickly to capitalize on the endless possibilities. But what about security?

Adam Fisher
Adam Fisher
January 18, 2023

Salt Customer Attack Case Study: Blocking a Low-rate-per-bot HTTP DDoS Attack

Relying on WAFs alone for API protection is insufficient and leaves companies vulnerable.

Eran Atias
Eran Atias
January 12, 2023

Seven Takeaways from Gartner® 2022 Innovation Insight for API Protection

Gartner recently published a new Innovation Insight report for API protection. We thought it would be helpful to provide some key takeaways from the report, alongside some perspectives from our own research and conversations with customers.

Stephanie Best
Stephanie Best
January 10, 2023

Successful SQLi WAF Bypass Shows (Again) how WAFs Cannot Stop API-based Attacks

Over the last several years, attackers have changed their tactics, focused on identifying and exploiting business logic gaps by manipulating and abusing APIs.

Eran Atias
Eran Atias
December 20, 2022

Why CISOs Are Making API Security A Top Priority

The monetary growth opportunities promised by APIs are immense, but to harness them, CISOs must ensure the protection of their APIs.

Roey Eliyahu
Roey Eliyahu
November 29, 2022

What is PCI DSS 4.0 and why is API security such a critical component?

With the industry moving to microservices and API-driven applications, new security threats and attack vectors have emerged. The PCI Security Standards Council has worked to address these threats in its newest PCI DSS 4.0 standard.

Hadar Freehling
Hadar Freehling
November 22, 2022

Leveraging Google Cloud Packet Traffic Mirroring with Salt to Detect API Security Threats

It’s not enough to find and block attackers exploiting a vulnerability in your API. You will also want to remediate the security gap in your APIs.

Stephanie Best
Stephanie Best
November 4, 2022

OpenSSL Vulnerability Analysis – Denial of Service and Remote Code Execution

Insights regarding two new vulns that have been uncovered in the OpenSSL library – CVE-2022-3602 and CVE-2022-3786. These vulnerabilities affect OpenSSL.

Salt Labs
Salt Labs
November 3, 2022

What are API Attacks, Why They’re Different, and How to Stop Them

Why are we seeing such a constant stream of API-based attacks? Quite simply, APIs are lucrative for attackers.

Stephanie Best
Stephanie Best
October 31, 2022

Are You Haunted by Zombie, Shadow and Ghost APIs?

Zombies, Shadows, and Ghosts hide in plain sight as APIs in your infrastructure, quietly extending your attack surface, patiently waiting to be called upon by some black hat.

Nick Rago
Nick Rago
October 28, 2022

3 Top Takeaways on API Security and Zero Trust

Salt Security's Roey Eliyahu and TAG Cyber's Ed Amoroso sat down together for a joint webinar on API security and zero trust. Check out the takeaways.

Jennifer Dignum
Jennifer Dignum
September 23, 2022

How to Protect APIs

As attackers have jumped on the API bandwagon, API threats have also changed, contributing further to the risks and demanding a new approach to protect APIs.

Nick Rago
Nick Rago
August 25, 2022

What is Account Takeover and 5 Best Practices to Prevent ATO

Account Takeover, or ATO, is a form of cybersecurity attack in which a cybercriminal steals usernames and passwords.

Yaniv Balmas
Yaniv Balmas
April 19, 2022

4 Ways Today’s CISOs Must Address API Security

At our recent API Security Summit – the industry’s first summit dedicated entirely to API security – we had the opportunity to chat with six senior security executives about their approaches to protecting these vital assets.

Jennifer Dignum
Jennifer Dignum
March 10, 2022

Companies are Struggling Against a 681% Increase in API Attacks, the Latest “State of API Security” Report Shows

Salt Security releases the latest findings of its bi-annual report on API security trends

Salt Labs
Salt Labs
March 2, 2022

API Security Best Practices

Salt Security has compiled a list of API security best practices based on field experience and customer feedback.

Jennifer Dignum
Jennifer Dignum
January 20, 2022

Seven API Security Predictions for 2022

If 2022 is anything like 2021, we’ll see no shortage of API-related events this coming year. In no particular order of likelihood or preference, take a look at seven predictions for API security for 2022.

Michael Isbitski
Michael Isbitski
December 22, 2021

Recap: The 7 Biggest API Security Incidents in 2021

We’ve spotlighted the seven biggest API security incidents in 2021 that plagued many different companies of different sizes and across verticals and highlighted what we can take away from each event.

Michael Isbitski
Michael Isbitski
December 21, 2021

API Threat Research: GraphQL Authorization Flaws in Financial Technology Platform

Salt Labs researchers investigated a large B2B FinTech platform that offers financial services in the form of API-based mobile apps and SaaS to SMB and commercial brands.

Salt Labs
Salt Labs
December 8, 2021

API Security Evaluation Guide

Evaluating and selecting API security tooling is critical as part of API security strategy and mitigating API attacks.

Michael Isbitski
Michael Isbitski
November 16, 2021

API Threat Research: Elastic Stack Misconfiguration Allows Data Extraction

Salt Labs researchers investigated a large business-to-consumer (B2C) online platform that provides API-based mobile applications and software as a service to millions of users globally. 

Salt Labs
Salt Labs
September 29, 2021

Now Boarding: All Passengers for Securing Travel and Expense APIs

Salt Security streamlines API security with automated protection for TripActions

Michelle McLean
Michelle McLean
July 21, 2021

What Are JWTs And Are They Vulnerable To Attacks?

In episode 5 of API Security With A Pinch Of Salt, we talk about JSON Web Tokens (JWTs), an open standard (RFC 7519) that defines a compact and self-contained way for securely transmitting info between parties as a JSON object.

Chris Westphal
Chris Westphal
August 28, 2020

What Can Attackers Do With API Vulnerabilities?

Episode number 4 of API Security With A Pinch Of Salt is here. In this episode Chris and Ran talk about what attackers are going after when they target APIs and what they can do if they find and successfully exploit a vulnerability.

Chris Westphal
Chris Westphal
August 4, 2020

How Martial Arts Can Help You Eliminate API Vulnerabilities

In college, a good friend of mine got deeply involved in the martial art Aikido and instead of directly attacking, the defender would wait for a move from their opponent, like a lunge, and harness that momentum to take control.

Chris Westphal
Chris Westphal
August 21, 2019

Tags

API Attack Analysis
API Attack Methodology
API Attack Prevention
API Security 101
API Security Strategy
API Vulnerability Analysis
Awards
CISO
Company Updates
Compliance
Customers
Events
Financial Services
Insurance
OWASP API Top 10
Product Updates
Research
Salt Labs
Technology Partners
Video
Webinar
eBook
Clear filters

Posts by

Adam Fisher
Ahuvy Mrad
Aviad Carmel
Brett Robinson
Chris Westphal
Elad Koren
Eran Atias
Gilad Barzilay
Gilad Gruber
Hadar Freehling
Jennifer Dignum
Jon Peppler
Mandy Kelley
Michael Isbitski
Michael Nicosia
Michael Porat
Michelle McLean
Nick Rago
Ori Bach
Ran Barth
Renee Hollinger
Roey Eliyahu
Salt
Salt Labs
Salt Technical Engineering
Sara Tierno
Shiran Yodev
Stephanie Best
Sunil Dutt
Technical Engineering
Yaniv Balmas