Category: Blog
Avoid This Common Phone Scam
I’ve worked in cybersecurity a long time, and over the years have learned a lot about the tactics...
VIEW MOREAnnouncing ThreatX Labs
I’m happy to announce that ThreatX will be conducting more threat research with the formation of...
VIEW MOREWhat is Mass Assignment: How We Can Help
OWASP says of mass assignment, “Binding client provided data (e.g., JSON) to data models, without...
VIEW MOREHTTP Request Smuggling Vulnerability in Node.js
Last week, researchers discovered an HTTP request smuggling vulnerability in Node.js. This...
VIEW MOREThe Types of API Attacks We Are Seeing
Attackers are like modern-day cartographers. The cartographers of old weren’t necessarily sailing...
VIEW MOREHow Attackers Are Using Bots to Breach APIs
APIs have become very popular attack targets, and almost all the attacks we see against API...
VIEW MOREHow to Secure APIs – 10 Best Practices to Follow
APIs (application programming interfaces) are a foundation for modern software development. They...
VIEW MOREWhat is BOLA – Broken Object Level Authorization?
No. 1 on the OWASP Top 10 List of Critical API Security Risks, broken object level authorization or...
VIEW MOREThreatX Security XChange: Terence Runge, CISO
Welcome to ThreatX Security XChange – our blog series featuring security practitioners and...
VIEW MOREAPI Protection vs. Security: Getting Started
Recently, I’ve been championing the idea of a “protection-first” approach when it comes to...
VIEW MORENew Research: How Does API Security Affect Consumers?
There’s a lot of talk about APIs and their security, or lack thereof, in the infosec community....
VIEW MORERead the Fine Print: Can’t Block an API Attack? You Can’t Protect
“Can the API security tool you are pitching – on its own – stop (block) API attacks...
VIEW MORE