
A Look at a Few Real-World Multi-Vector API & Web Application Attacks
We at ThreatX are observing an uptick in multi-vector API and web application attacks, or...
What is Mass Assignment: How We Can Help
OWASP says of mass assignment, “Binding client provided data (e.g., JSON) to data models, without...
Deconstructing API Attacks
Over the last couple of decades, attackers have built up a sizeable arsenal of tools, techniques,...
The Best Way to Combat Bot-Based API Attacks
When defending APIs against botnet attacks, the goal is to make it too inconvenient and expensive...
Broken Function-Level Authorization: What It Is, How We Can Help
No. 5 on the OWASP API Top 10 vulnerabilities list is broken function-level authorization (after...
Lack of Resources and Rate Limiting: What It Is, How We Can Help
No. 4 on the OWASP API Top 10 vulnerabilities list is lack of resources and rate limiting (after...
Excessive Data Exposure: What It Is, How We Can Help
No. 3 on the OWASP API Top 10 vulnerabilities list is excessive data exposure (after BOLA and...
Broken User Authentication: What It Is, How We Can Help
No. 2 on the OWASP Top 10 List of Critical API Security Risks, broken user authentication is both a...
Why the Long View Matters in API Attack Protection
In API attack protection, context is key. The old-school method of looking for attack signatures...
What is BOLA – Broken Object Level Authorization?
No. 1 on the OWASP Top 10 List of Critical API Security Risks, broken object level authorization or...
Announcing New ThreatX API Protection Capabilities
We’re pleased to announce that we have expanded and enhanced our API protection capabilities to...
Account Takeover (ATO): Types, Detection, Prevention and Protection
In the previous installment of our blog series on the modern threat landscape, we looked at how...