Category: Blog
OWASP API Security Top 10 2023 Security Risks
As explained by the online community, Open Web Application Security Project (OWASP), APIs are a...
Avoid This Common Phone Scam
I’ve worked in cybersecurity a long time, and over the years have learned a lot about the tactics...
Announcing ThreatX Labs
I’m happy to announce that ThreatX will be conducting more threat research with the formation of...
What is Mass Assignment: How We Can Help
2023 UPDATE: In the 2023 OWASP API Top 10 vulnerabilities list, Excessive Data Exposure and Mass...
HTTP Request Smuggling Vulnerability in Node.js
Last week, researchers discovered an HTTP request smuggling vulnerability in Node.js. This...
The Types of API Attacks We Are Seeing
Attackers are like modern-day cartographers. The cartographers of old weren’t necessarily sailing...
How Attackers Are Using Bots to Breach APIs
APIs have become very popular attack targets, and almost all the attacks we see against API...
What is BOLA – Broken Object Level Authorization?
No. 1 on the 2023 OWASP Top 10 List of Critical API Security Risks, broken object level...
ThreatX Security XChange: Terence Runge, CISO
Welcome to ThreatX Security XChange – our blog series featuring security practitioners and...
API Protection vs. Security: Getting Started
Recently, I’ve been championing the idea of a “protection-first” approach when it comes to...
New Research: How Does API Security Affect Consumers?
There’s a lot of talk about APIs and their security, or lack thereof, in the infosec community....
Read the Fine Print: Can’t Block an API Attack? You Can’t Protect
“Can the API security tool you are pitching – on its own – stop (block) API attacks...