Categories
API Security

How to Steal Unencrypted Data

Over $6 billion is lost to identity theft each year. Some digital theft results from malicious programs like keyloggers and spyware, but unaware developers also introduce silent threats. Unencrypted data is always dangerous. This blog focuses on data in transit, but similar principles apply to data at rest. In the following sections, I demonstrate how […]

Categories
API Security

How Unsecured APIs Leak Customer Data

Many security outsiders think data leaks result from diligent efforts by seasoned hackers. In reality, minor oversights and mistakes in code frequently cause data breaches. And with engineers pressured to release features quickly, it’s no wonder these mistakes are common. Unsecured Application Programming Interfaces (APIs) are particularly dangerous because they’re synonymous with Broken Access Control, […]

Categories
API Security

Why API Security Matters in 2022

APIs are the hottest attack vector in modern software. In this blog, we’ll look at how APIs add risk and best practices for securing them. For anyone who doesn’t know, API stands for Application Programming Interface. APIs provide a way for software programs to communicate with the external world. And securing these interfaces is a […]