Category: Blog
How to Determine Noise vs. a Targeted Attack
One of the main challenges that security operation centers (SOC) and threat hunting teams run into...
Making a Business Case for API Security: Talking Points for Speaking to the Board
It didn’t take long for API security to make the news in 2023. In January, it was reported that a...
Credential Stuffing: Examples, Detection and Impact
Credential stuffing has become one of the most common and significant threats facing organizations...
OWASP API Security Top 10 2023 Release Candidate Published
As explained by the online community, Open Web Application Security Project (OWASP), APIs are a...
Avoid This Common Phone Scam
I’ve worked in cybersecurity a long time, and over the years have learned a lot about the tactics...
Announcing ThreatX Labs
I’m happy to announce that ThreatX will be conducting more threat research with the formation of...
What is Mass Assignment: How We Can Help
OWASP says of mass assignment, “Binding client provided data (e.g., JSON) to data models, without...
HTTP Request Smuggling Vulnerability in Node.js
Last week, researchers discovered an HTTP request smuggling vulnerability in Node.js. This...
The Types of API Attacks We Are Seeing
Attackers are like modern-day cartographers. The cartographers of old weren’t necessarily sailing...
How Attackers Are Using Bots to Breach APIs
APIs have become very popular attack targets, and almost all the attacks we see against API...
How to Secure APIs – 10 Best Practices to Follow
APIs (application programming interfaces) are a foundation for modern software development. They...
What is BOLA – Broken Object Level Authorization?
No. 1 on the OWASP Top 10 List of Critical API Security Risks, broken object level authorization or...