When it comes to API security, no integration is 100% safe. Breaches meet the news day after day. Vulnerable connections continue to expose private data, costing companies millions of dollars in repairs and resulting in terrible PR.
Posts Tagged: API security
API concepts, especially those around security, can often be confusing. While we generally understand basic concepts like “credentials,” trying to explain how the ROPC Flow differs from the Client Credentials Flow can often devolve relatively quickly into acronyms and diagrams. Accordingly, we’ve compiled a list of 20 resources that help to nail these concepts down. Read more
Companies of all sizes are struggling to keep their APIs safe, as evidenced by the many recent hacks, leaks, and exploits. While the traditional approach to API security largely focuses on technical aspects, like managing Denial of Service attacks and preventing code injections, it turns out that a growing number of hacks are actually caused by poor management of API permissions or flaws in business logic. Read more
API security is complex, and the underlying systems that support it are even more so. Getting a grasp on API security requires understanding many underlying components. Accordingly, any tool that can help contextualize these systems is not only a good educational tool, but it’s also a good business tool. Read more
GDPR, the European Union’s General Data Protection Regulation, came into effect in March of 2018. This new regulation sets the privacy and security expectations for handling user data, and applies to every actor evenly tangentially related to the European market. Read more