Blog >
This post details issues identified in a popular framework used by many online services to implement OAuth (as well as other functionality). Salt Labs findings show that services using this framework are susceptible to credentials leakage.
Dada a ampla utilização do OAuth, quaisquer vulnerabilidades encontradas nos seus componentes ou nas suas implementações podem levar a um impacto de segurança considerável nas aplicações e serviços que os utilizam.
Relying on WAFs alone for API protection is insufficient and leaves companies vulnerable.
We chose to investigate the services provided by LEGO, perhaps the most famous toy manufacturer in the world — because we contend this example sheds light on the reality of quick adoption of APIs and the risks that can come with that fast pace.
As attackers have jumped on the API bandwagon, API threats have also changed, contributing further to the risks and demanding a new approach to protect APIs.
State of API Security Report data highlights a daunting scenario: exploding attack activity, insufficient existing practices, and teams ill-prepared to address API security.
Assine a Newsletter da Salt para receber os recursos e posts de blog mais recentes.