Zero-Trust Alone Proves Inadequate for Securing APIs
The disclosure of three significant API security incidents in the first two months of 2023 serves as a reminder that, as the use of APIs continue to rise, so too does the number of API related security breaches ... Read More
What is Runtime Application Self-Protection (RASP)?
Runtime Application Self-Protection (RASP) is a security technology that is designed to protect applications from attacks while the application is running. It works by embedding a security mechanism directly into the application, which allows it to monitor the application's behavior and detect and prevent malicious activities in real-time ... Read More
Is Certificate Pinning Worth it?
In a word - yes; when implemented correctly, certificate pinning is an effective method for securing mobile application traffic by restricting the accepted certificates to just those you are willing to trust. In its most secure manifestation, this trust sits outside the standard TLS certificate store managed by the device ... Read More
Is API authentication secure?
API authentication is about proving that whoever is trying to access an API is who they say they are. This is sometimes confused with authorization which is about proving that whoever is trying to access data via the API has the right to access that data ... Read More
Why Should You Keep Your API Key Secure?
Attacks against APIs are increasing and API key protection is central to miminizing your business risks. In this article we’ll look at what your exposures are and what you should do about it ... Read More
