The Web Application and API Protection Blog

Application Security BY Sydney Coffaro

PCI DSS 4.0: New Requirement to Automate Detection and Prevention of Web-Based Attacks

Backed by all major credit card and payment processing companies, the PCI Data Security Standard...

Application Security BY Austin Jones

Think Like an Attacker: How to Add Security Into API and App Development

I’m not a security professional; I’m an engineer. But when you work at a startup, you often...

Threat Intelligence BY Michael Napolitano

ThreatX SOC Vulnerability Alert: CVE-2022-21449 “Psychic Signatures”

Earlier this week, the ThreatX SOC deployed a rule to protect our client base from a newly...

Product Updates BY Bret Settle

Announcing New ThreatX API Protection Capabilities

We’re pleased to announce that we have expanded and enhanced our API protection capabilities to...

Application Security BY Tom Hickman

Demystifying API Security

We hear a lot of questions and concerns from customers and prospects these days about API security....

Threat Intelligence BY Neil Weitzel

Spring4Shell: Day 1 Update and Insights

As we reported yesterday, ThreatX deployed to production a ruleset to protect against Spring4Shell...

Threat Intelligence BY Andrew Useckas

ThreatX Response to Spring4Shell

On March 29, 2022, Spring disclosed a zero-day vulnerability – Spring4Shell. A widely used Java...

API Security BY Suzanne Ciccone

Five Requirements for Protecting APIs Against Attacks

API security is not a new problem; APIs and their vulnerabilities have been around a long time....

Blog BY Tom Hickman

API Protection vs. Security: Getting Started

Recently, I’ve been championing the idea of a “protection-first” approach when it comes to...

Application Security BY Tom Hickman

How Rogue and Zombie APIs Expand Your Attack Surface

Whether it’s Auth APIs controlling access to privileged business logic in web applications,...

News BY Andrew Useckas

Response to Threat of Russian Cyberattacks

Russia’s invasion of Ukraine is expected to lead to security attacks against Ukraine and its...

Blog BY Suzanne Ciccone

New Research: How Does API Security Affect Consumers?

There’s a lot of talk about APIs and their security, or lack thereof, in the infosec community....

The API and Application Protection Blog

Subscribe for updates