Salt Security Blog
Welcome to our blog about all things in and around the world of APIs and API Protection.
At Salt Security one of our philosophies is to provide solutions that help simplify processes, and save time, rather than introduce additional complexities. This is especially important when it comes to security.
OWASP Global AppSec 2019 happened recently in Tel Aviv and I was lucky enough to attend, present a few sessions, meet some new people and have lots of great conversations so I thought it would be good to do a writeup to share my thoughts about the event. First, let’s talk about why I attended.
From a previous post we know that today’s applications are different compared to what they were just a few years back and APIs are increasingly being used to power customer applications, connect with partners and drive microservices environments. Whether you realize it or not APIs are everywhere around us and they exchange sensitive data constantly, making them a rich target for attackers, which explains why we’ve seen a significant increase in attacks targeting APIs in recent years.
The non-stop news of security breaches in recent years underscores a growing realization that organizations need to fundamentally rethink the way they protect their applications and data.
Confidence is important when you decide to engage with a vendor. You want to know that vendor is not only able to deliver the service
Let’s talk for a moment about love, relationships and commitment… Most application security engineers I’ve met have already settled down and found their special one.
By now you’ve probably seen the news about the USPS vulnerability where an attacker with simple access to usps.com, an understanding of the API logic
Technology is constantly evolving. We’ve seen this in recent years in the way applications are developed (e.g. CI/CD), delivered (e.g. microservices and cloud) and consumed