What Sutton’s Law Means For Open Banking

Bank robber Willie Sutton (1901-1980) did reasonably well making off with an estimated $2 million in illegal earnings throughout his career. He was a rash and resourceful robber who used disguises and trickery to achieve his ends. This included dressing as a policeman, window washer, maintenance man, bank guard, mover, Western Union messenger, and striped-pants diplomat.

Continue Reading

What Is The OWASP API Security Top 10

The Open Web Application Security Project has been around since 2001 and is best known for the OWASP Web Application Security Top 10 which has set the standard for how organizations have approached security to protect traditional web applications. The OWASP Top 10 projects are community driven and experts from across the community come together to put out an updated version of this flagship Top 10 list every 3 years with the current version released in 2017.

Continue Reading
How Martial Arts Can Help You Eliminate API Vulnerabilities
Photo by L'oeil étranger

How Martial Arts Can Help You Eliminate API Vulnerabilities

In college a good friend of mine got deeply involved in the martial art Aikido. Unlike other martial arts I was familiar with one of the things that stuck out for me was the concept of using an attacker’s momentum against them. Instead of directly attacking, the defender would wait for a move from their opponent, like a lunge, and harness that momentum to take control.

Continue Reading

How to Control Top API Security Risks

From a previous post we know that today’s applications are different compared to what they were just a few years back and APIs are increasingly being used to power customer applications, connect with partners and drive microservices environments. Whether you realize it or not APIs are everywhere around us and they exchange sensitive data constantly, making them a rich target for attackers, which explains why we’ve seen a significant increase in attacks targeting APIs in recent years.

Continue Reading