Salt Labs researchers investigated a large business-to-consumer (B2C) online platform that provides API-based mobile applications and software as a service to millions of users globally.
API security earns its own pillar in Gartner Security Reference Architecture.
Recently Gartner analysts Mark O'Neill and Dionisio Zumerle teamed up on a webinar titled API Security: Protect your APIs from Attacks and Data Breaches. Read on for highlights, insights and perspective on the session covering API security.
APIs are at the core of open banking, enabling financial institutions to standardize how they create and connect to an ecosystem of providers to exchange financial data. To a large degree, open banking has ushered in a democratization of banking across the globe and this has all been possible thanks to APIs.
With the proliferation of APIs in all modern applications, understanding the ins and outs of APIs is more critical than ever.
The latest executive order (EO) zones in on a few areas of cybersecurity, but a primary focus is software supply chain security after incidents such as the SolarWinds attack
Establishing and gaining adoption of secure build pipeline approaches is a multi-year endeavor for organizations.
Zero trust principles and the technologies that have emerged inevitably promote dynamic access control that is informed by application context, identity, and behaviors.
As APIs have increased in prominence and as a target for attacks, organizations have become more aware of the need for proper security, but as with adopting any new technology, misconceptions persist about how to get it right.
Salt Security is combining efforts with MuleSoft to bring best-of-breed API security to the market leader in API management and integration, the MuleSoft Anypoint Platform.
Columbo was a master of context. The lieutenant was famous for his catchphrase “Just one more thing,” heard countless times by suspects as he chipped away at a case, gathering small, obscure pieces of the puzzle and putting them together to form the bigger picture and ultimately solve the case.
On a recent webinar with Security Boulevard, we were fortunate to host Nir Valtman, Finastra head of product and data security, to share insights into his API security journey. You can view the entire session on the Salt YouTube channel, and here are some of the highlights from the discussion.
Learn what pain points we uncovered as we set out to understand the state of API security – a critical window into broader enterprise security trends given that APIs underlie every revenue-generating application today.
Changes to APIs create new challenges for security teams. See what should be top of mind for any security professional tasked with protecting APIs.
The reality is, APIs today are very different from the web APIs of the early 2000s, and these changes impact the way we need to think about the API security landscape.
I recently tuned into a CISO panel discussion and one of the panelists said something that struck me – “Application security today is less about the applications and more about the APIs.”
The OpenAPI Specification (OAS) is a way to describe and create API documentation. Learn some of the ways dev and security teams use the OAS and why it falls short when it comes to securing your APIs.
Organizations are working hard to “shift left” with security and improve the security of code. Learn why in APIs, improving security during build and initial deployment cannot provide the full answer.
Get ready for episode number 3 of our video series called API Security With A Pinch Of Salt. In this episode, Adam and Chris answer the question - WAFs, what are they good for?
It’s time for episode number 2 of our video series called API Security With A Pinch Of Salt. In this episode, Adam, Chris and Ran dig into the topic of the importance of API documentation.
Today we kick off a video series called API Security With A Pinch Of Salt where we dig deep into API security. In this first episode, Adam, Chris and Ran tackle the topic of using API Gateways for Security.
In light of accelerated transformation, digital platforms are now a more critical part of our lives and I’m thankful for the companies that continue to provide these services. Had we seen a similar situation 15 or 20 years back, how would we have managed?
As our society continues to increasingly operate online with banking, shopping, food delivery, ride-sharing, and the many cloud services, cybercriminals have a never-ending route to breach the defenses of financial companies.
Are you wondering what Salt Security does, what challenges we solve for, and how we do it? Check out this explainer video that answer all of those questions in just over one minute.
The Open Web Application Security Project has been around since 2001 and is best known for the OWASP Web Application Security Top 10 which has set the standard for how orgs have approached security to protect traditional web applications.
In college, a good friend of mine got deeply involved in the martial art Aikido and instead of directly attacking, the defender would wait for a move from their opponent, like a lunge, and harness that momentum to take control.
Whether you realize it or not APIs are everywhere around us and they exchange sensitive data constantly, making them a rich target for attackers, which explains why we’ve seen a significant increase in attacks targeting APIs in recent years.
The non-stop news of security breaches in recent years underscores a growing realization that organizations need to fundamentally rethink the way they protect their applications and data.