Between the Cambridge Analytica incident at Facebook and the General Data Protection Regulation (GDPR) kicking in across Europe from the 25th of May, it’s safe to say that online security is set to take center stage like never before. Read more
Posts Tagged: API security
Using OAuth Device Flow For UI-Incapable Devices
As the internet grows and more devices become interconnected, authorization is becoming more and more complex.
Early implementations of online services were easy to authorize against since they were tied to desktops, but modern authorization must consider varying environments, from mobile apps to IoT scenarios. Read more
High-Grade API Security For Banks
Financial institutions occupy a special zone for APIs largely because of how stringent the regulatory compliance rulesets are. The data that financial institutions leverage are protected widely by a variety of regulatory ordinances, and as such, this data has to be stringently controlled, secured, and managed – hence why high-grade API security is such a serious concern. Read more
Securing Medical IoT Devices
The IoT (Internet of Things) is becoming part of our everyday life. We’re developing audio equipment that can use voice commands to process complex operations, light switches that schedule operations based on observed functionality over time, and even devices that we can use to automatically order supplies based on our consumption habits. Read more
Why Can’t I Just Send JWTs Without OAuth?
A JSON Web Token or JWT is an extremely powerful standard. It’s a signed JSON object; a compact token format often exchanged in HTTP headers to encrypt web communications.
Because of its power, JWTs can be found driving some of the largest modern API implementations. Read more
