Mastouille

1 message1 participant0 message aujourd’hui

Tanya Janca | SheHacksPurple :verified: :verified:I'm giving a paid workshop on the <a href="https://infosec.exchange/tags/OWASP" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#OWASP</a> <a href="https://infosec.exchange/tags/APISecurity" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#APISecurity</a> Top Ten with AntiSyphon training on September 19th, with a ranging pay scale. Check it out here: <a href="https://twp.ai/4ioFrR" rel="nofollow noopener noreferrer" translate="no" target="_blank">https://twp.ai/4ioFrR</a>

Tanya Janca | SheHacksPurple :verified: :verified:I'm giving a paid workshop on the <a href="https://infosec.exchange/tags/OWASP" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#OWASP</a> <a href="https://infosec.exchange/tags/APISecurity" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#APISecurity</a> Top Ten with AntiSyphon training on September 19th, with a ranging pay scale. Check it out here: <a href="https://twp.ai/4inqEs" rel="nofollow noopener noreferrer" translate="no" target="_blank">https://twp.ai/4inqEs</a>

Tanya Janca | SheHacksPurple :verified: :verified:🎥 Missed one of my past conference talks? Let’s fix that.I’m sharing my favorites—packed with real-world advice, lessons, and a few laughs.“Top Ten Security Tips for APIs” 📽️ <a href="https://twp.ai/4ioX6N" rel="nofollow noopener noreferrer" translate="no" target="_blank">https://twp.ai/4ioX6N</a><a href="https://infosec.exchange/tags/CyberSecurity" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#CyberSecurity</a> <a href="https://infosec.exchange/tags/SecurityAwareness" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#SecurityAwareness</a> <a href="https://infosec.exchange/tags/appsec" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#appsec</a> <a href="https://infosec.exchange/tags/APISecurity" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#APISecurity</a>

Tanya Janca | SheHacksPurple :verified: :verified:I'm giving a paid workshop on the <a href="https://infosec.exchange/tags/OWASP" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#OWASP</a> <a href="https://infosec.exchange/tags/APISecurity" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#APISecurity</a> Top Ten with AntiSyphon training on September 19th, with a ranging pay scale. Check it out here: <a href="https://twp.ai/4inqlb" rel="nofollow noopener noreferrer" translate="no" target="_blank">https://twp.ai/4inqlb</a>

Tanya Janca | SheHacksPurple :verified: :verified:🎥 Missed one of my past conference talks? Let’s fix that.I’m sharing my favorites—packed with real-world advice, lessons, and a few laughs.“Top Ten Security Tips for APIs” 📽️ <a href="https://twp.ai/4in9ou" rel="nofollow noopener noreferrer" translate="no" target="_blank">https://twp.ai/4in9ou</a><a href="https://infosec.exchange/tags/CyberSecurity" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#CyberSecurity</a> <a href="https://infosec.exchange/tags/SecurityAwareness" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#SecurityAwareness</a> <a href="https://infosec.exchange/tags/appsec" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#appsec</a> <a href="https://infosec.exchange/tags/APISecurity" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#APISecurity</a>

:mastodon: Mike AmundsenIf You’re Not Threat Modeling, Your API Is Already Vulnerable - DevX <a href="https://buff.ly/uqPiDEb" rel="nofollow noopener noreferrer" translate="no" target="_blank">https://buff.ly/uqPiDEb</a>"if you care about uptime, user trust, or your job, you need to know where your API’s soft spots are. Otherwise, attackers will find them for you."<a href="https://mastodon.social/tags/api360" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#api360</a> <a href="https://mastodon.social/tags/apiDesign" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#apiDesign</a> <a href="https://mastodon.social/tags/apiSecurity" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#apiSecurity</a>

Marco Ciappelli🎙️✨:verified: :donor:🚀 New Brand Story from <a href="https://infosec.exchange/tags/RSAC2025" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#RSAC2025</a>: Runtime Protection at the New Digital Front LineAt <a href="https://infosec.exchange/tags/RSAC" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#RSAC</a> Conference 2025, Sean Martin, CISSP sat down with Rupesh Chokshi, Senior Vice President and GM of Application Security at Akamai Technologies, to talk about how AI-driven applications and <a href="https://infosec.exchange/tags/APIs" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#APIs</a> are reshaping the security landscape.🔐 Why are runtime attacks on APIs and <a href="https://infosec.exchange/tags/AI" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#AI</a> apps growing—and why is prevention alone no longer enough?Find out how Akamai is evolving its Web Application and API Protection (<a href="https://infosec.exchange/tags/WAAP" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#WAAP</a>) strategies to meet these emerging threats head-on.🎙️ Watch, listen, or read the full story here: 👉 <a href="https://www.itspmagazine.com/their-stories/the-new-front-line-runtime-protection-for-ai-and-api-driven-attacks-a-brand-story-with-rupesh-chokshi-from-akamai-an-on-location-rsac-conference-2025-brand-story" rel="nofollow noopener noreferrer" translate="no" target="_blank">https://www.itspmagazine.com/their-stories/the-new-front-line-runtime-protection-for-ai-and-api-driven-attacks-a-brand-story-with-rupesh-chokshi-from-akamai-an-on-location-rsac-conference-2025-brand-story</a><a href="https://infosec.exchange/tags/cybersecurity" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#cybersecurity</a> <a href="https://infosec.exchange/tags/infosec" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#infosec</a> <a href="https://infosec.exchange/tags/appsec" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#appsec</a> <a href="https://infosec.exchange/tags/apisecurity" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#apisecurity</a> <a href="https://infosec.exchange/tags/technology" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#technology</a> <a href="https://infosec.exchange/tags/infosecurity" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#infosecurity</a>

:mastodon: Mike Amundsen5 Ways to Secure Agentic Access to APIs | Nordic APIs | <a href="https://buff.ly/EfQmZis" rel="nofollow noopener noreferrer" translate="no" target="_blank">https://buff.ly/EfQmZis</a>"This shift from human-driven API calls to autonomous and large-scale agentic interactions means that security must become more dynamic, more machine-centric, and based on workloads rather than simple identity." -- <a href="https://mastodon.social/tags/KristopherSandoval" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#KristopherSandoval</a> <a href="https://mastodon.social/tags/api360" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#api360</a> <a href="https://mastodon.social/tags/apiSecurity" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#apiSecurity</a> <a href="https://mastodon.social/tags/genAI" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#genAI</a>

Marco Ciappelli🎙️✨:verified: :donor:🌐 The Digital Terrain Is Shifting — Are Your Apps and APIs Ready?As AI adoption accelerates, so do AI-driven attacks. In their new research report, Akamai Technologies uncovers the evolving threats facing web applications and APIs — and how organizations can respond before attackers get ahead.State of Apps and API Security 2025: How <a href="https://infosec.exchange/tags/AI" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#AI</a> Is Shifting the Digital Terrain explores the sharp rise in automated, intelligent threats — and the new defenses emerging to meet them.📥 Download the full report here: <a href="https://itspm.ag/akamaixmwd" rel="nofollow noopener noreferrer" translate="no" target="_blank">https://itspm.ag/akamaixmwd</a> 📌 Research like this helps <a href="https://infosec.exchange/tags/security" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#security</a> professionals, <a href="https://infosec.exchange/tags/leaders" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#leaders</a>, and <a href="https://infosec.exchange/tags/developers" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#developers</a> stay ahead of the curve — and shape the future of <a href="https://infosec.exchange/tags/digital" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#digital</a> defense.🎙️ We’re also proud to feature Akamai in our RSAC 2025 coverage — with a Brand Story recorded pre-event and a follow-up conversation happening on location at the conference in San Francisco with Rupesh Chokshi, Sean Martin, CISSP, and Marco Ciappelli.Watch the pre-event recording here: <a href="https://youtu.be/DMm6INJ_2Z8" rel="nofollow noopener noreferrer" translate="no" target="_blank">https://youtu.be/DMm6INJ_2Z8</a> 🙏 A huge thank you to the Akamai team for sponsoring our coverage and sharing their insights with our global audience.👇 Check out the report and stay tuned for more from RSAC:📥 Download the Report: <a href="https://itspm.ag/akamaixmwd" rel="nofollow noopener noreferrer" translate="no" target="_blank">https://itspm.ag/akamaixmwd</a> 🌐 Explore our RSAC 2025 Coverage: <a href="https://www.itspmagazine.com/events/rsac-2025" rel="nofollow noopener noreferrer" translate="no" target="_blank">https://www.itspmagazine.com/events/rsac-2025</a><a href="https://infosec.exchange/tags/akamai" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#akamai</a> <a href="https://infosec.exchange/tags/rsac2025" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#rsac2025</a> <a href="https://infosec.exchange/tags/brandstory" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#brandstory</a> <a href="https://infosec.exchange/tags/apigateway" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#apigateway</a> <a href="https://infosec.exchange/tags/applicationsecurity" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#applicationsecurity</a> <a href="https://infosec.exchange/tags/aiinsecurity" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#aiinsecurity</a> <a href="https://infosec.exchange/tags/webappsecurity" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#webappsecurity</a> <a href="https://infosec.exchange/tags/cybersecurityresearch" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#cybersecurityresearch</a> <a href="https://infosec.exchange/tags/infosec" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#infosec</a> <a href="https://infosec.exchange/tags/devsecops" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#devsecops</a> <a href="https://infosec.exchange/tags/digitaldefense" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#digitaldefense</a> <a href="https://infosec.exchange/tags/threatintelligence" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#threatintelligence</a> <a href="https://infosec.exchange/tags/itspmagazine" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#itspmagazine</a> <a href="https://infosec.exchange/tags/rsaconference" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#rsaconference</a> <a href="https://infosec.exchange/tags/apisecurity" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#apisecurity</a> <a href="https://infosec.exchange/tags/aiattacks" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#aiattacks</a> <a href="https://infosec.exchange/tags/securityreport" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#securityreport</a> <a href="https://infosec.exchange/tags/cybersecurityinnovation" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#cybersecurityinnovation</a> <a href="https://infosec.exchange/tags/securitystrategy" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#securitystrategy</a> <a href="https://infosec.exchange/tags/zerotrust" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#zerotrust</a> <a href="https://infosec.exchange/tags/appsec" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#appsec</a>

Miguel Afonso Caetano"API keys are foundational elements for authentication, but relying solely on them is inherently a risky proposal.Firstly, there’s the reality that API keys are not securely designed — they were never meant to be used as the sole form of authentication, and as such, they aren’t really built for the task. These keys can often be easily stolen, leaked, or, in some cases (especially if generated incrementally), outright guessed. An API key is suitable for tracking usage but is poor for security.There is also the additional reality that keys in their default state lack some critical functionality. There’s not a lot of verification built-in for identity management, and what does exist offers very little in the way of granular access control.Ultimately, solely relying on API keys is a mistake common with novice developers but frighteningly common even in advanced products.Best Practices Instead of relying heavily on API keys as a sole mechanism, combine those keys with additional approaches such as OAuth 2.0 or mTLS. Implement rigorous expiration and rotation policies to ensure that keys which are made public are only useful for a short amount of time. Consider more advanced approaches, such as IP whitelisting or device fingerprinting, to add another layer of security atop the API key process."<a href="https://nordicapis.com/9-signs-youre-doing-api-security-wrong/" rel="nofollow noopener noreferrer" translate="no" target="_blank">https://nordicapis.com/9-signs-youre-doing-api-security-wrong/</a><a href="https://tldr.nettime.org/tags/API" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#API</a> <a href="https://tldr.nettime.org/tags/APIs" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#APIs</a> <a href="https://tldr.nettime.org/tags/APISecurity" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#APISecurity</a> <a href="https://tldr.nettime.org/tags/APIDesign" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#APIDesign</a> <a href="https://tldr.nettime.org/tags/WebSecurity" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#WebSecurity</a> <a href="https://tldr.nettime.org/tags/CyberSecurity" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#CyberSecurity</a>

:mastodon: Mike AmundsenWallarm Releases 2025 API ThreatStats Report, Revealing that APIs are the Predominant Attack Surface <a href="https://buff.ly/4aEd2fo" rel="nofollow noopener noreferrer" translate="no" target="_blank">https://buff.ly/4aEd2fo</a>"Wallarm's researchers tracked 439 AI-related CVEs, a staggering 1,025% increase from the prior year. Nearly all (99%) were directly tied to APIs, including injection flaws, misconfigurations, and new memory corruption vulnerabilities stemming from AI's reliance on high-performance binary APIs."<a href="https://mastodon.social/tags/api360" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#api360</a> <a href="https://mastodon.social/tags/agenticAI" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#agenticAI</a> <a href="https://mastodon.social/tags/apiSecurity" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#apiSecurity</a>

:mastodon: Mike AmundsenStrengthen API Access Control with Attribute-Based Authorization<a href="https://curity.io/blog/strengthen-api-access-control-with-attribute-based-authorization/" rel="nofollow noopener noreferrer" translate="no" target="_blank">https://curity.io/blog/strengthen-api-access-control-with-attribute-based-authorization/</a>"ABAC is a more powerful way to perform fine-grained authorization. However, you must be aware of where your APIs take the attributes from to perform authorization decisions. The attributes must come from a reputable source, and the API must be sure that no one has tampered with them." -- <a href="https://mastodon.social/tags/MichalTrojanowski" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#MichalTrojanowski</a><a href="https://mastodon.social/tags/api360" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#api360</a> <a href="https://mastodon.social/tags/oAuth" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#oAuth</a> <a href="https://mastodon.social/tags/apiSecurity" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#apiSecurity</a>

:mastodon: Mike AmundsenSecrets Management Core Practices<a href="https://dzone.com/refcardz/secrets-management-core-practices" rel="nofollow noopener noreferrer" translate="no" target="_blank">https://dzone.com/refcardz/secrets-management-core-practices</a>"This Refcard delves into the core practices of secrets management, common challenges, and its pivotal role in modern security environments, providing a comprehensive guide for organizations aiming to enhance the security posture of their secrets management strategy." -- <a href="https://mastodon.social/tags/ApostolosGiannakidis" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#ApostolosGiannakidis</a><a href="https://mastodon.social/tags/api360" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#api360</a> <a href="https://mastodon.social/tags/apiSecurity" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#apiSecurity</a> <a href="https://mastodon.social/tags/secretsManagement" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#secretsManagement</a>

:mastodon: Mike AmundsenCommon Risks Associated with APIs<a href="https://apichangelog.substack.com/p/common-risks-associated-with-apis" rel="nofollow noopener noreferrer" translate="no" target="_blank">https://apichangelog.substack.com/p/common-risks-associated-with-apis</a>"You can group API risks into at least five categories: security, performance, operational, data integrity, and business. Each one of these categories has its implications and specific mitigation strategies. Let's look at each in more detail to understand what we're dealing with." -- <a href="https://mastodon.social/tags/BrunoPedro" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#BrunoPedro</a><a href="https://mastodon.social/tags/api360" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#api360</a> <a href="https://mastodon.social/tags/apiSecurity" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#apiSecurity</a> <a href="https://mastodon.social/tags/apiDesign" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#apiDesign</a>

:mastodon: Mike AmundsenFuzzing JSON to find API security flaws<a href="https://danaepp.com/fuzzing-json-to-find-api-security-flaws" rel="nofollow noopener noreferrer" translate="no" target="_blank">https://danaepp.com/fuzzing-json-to-find-api-security-flaws</a>"When it comes to API hacking, fuzzing JSON payloads can expose some interesting security vulnerabilities." -- <a href="https://mastodon.social/tags/DanaEpp" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#DanaEpp</a><a href="https://mastodon.social/tags/api360" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#api360</a> <a href="https://mastodon.social/tags/apiSecurity" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#apiSecurity</a> <a href="https://mastodon.social/tags/JSON" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#JSON</a>

Matthew ReinboldEver wonder how secure your smart home devices really are? 🔐 The latest Net API Notes article dives into a real-life API vulnerability that put millions of COX modems at risk. Discover four crucial API security questions any API producer should consider! 🏡💻 <a href="https://opinuendo.com/tags/APISecurity" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#APISecurity</a> <a href="https://opinuendo.com/tags/SmartHome" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#SmartHome</a> <a href="https://opinuendo.com/tags/CyberSecurity" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#CyberSecurity</a> <a href="https://opinuendo.com/tags/TechNews" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#TechNews</a> <a href="https://opinuendo.com/tags/APIs" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#APIs</a><a href="https://netapinotes.com/uncovering-api-vulnerabilities-lessons-from-the-cox-modem-breech/" rel="nofollow noopener noreferrer" translate="no" target="_blank">https://netapinotes.com/uncovering-api-vulnerabilities-lessons-from-the-cox-modem-breech/</a>

:mastodon: Mike AmundsenOAuth: "grant" vs "flow" vs "grant type"<a href="https://aaronparecki.com/2024/03/29/3/oauth-terminology" rel="nofollow noopener noreferrer" translate="no" target="_blank">https://aaronparecki.com/2024/03/29/3/oauth-terminology</a>"Is it called an OAuth 'grant' or a 'flow'? What about 'grant type'?" -- <a href="https://mastodon.social/tags/AaronParecki" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#AaronParecki</a><a href="https://mastodon.social/tags/api360" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#api360</a> <a href="https://mastodon.social/tags/apiSecurity" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#apiSecurity</a> <a href="https://mastodon.social/tags/OAuth" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#OAuth</a>

:mastodon: Mike AmundsenUsing OPA To Achieve Zero-Trust APIs<a href="https://nordicapis.com/using-opa-to-achieve-zero-trust-apis/" rel="nofollow noopener noreferrer" translate="no" target="_blank">https://nordicapis.com/using-opa-to-achieve-zero-trust-apis/</a>"Open Policy Agent takes this one step further, presenting a unified but decentralized open-source solution for setting standards for authorization. By adopting OPA, you get the best of both worlds — a decentralized stack that still has a unified policy engine. " -- <a href="https://mastodon.social/tags/KristopherSandoval" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#KristopherSandoval</a><a href="https://mastodon.social/tags/api360" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#api360</a> <a href="https://mastodon.social/tags/apiSecurity" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#apiSecurity</a> <a href="https://mastodon.social/tags/OPA" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#OPA</a>

Nicolas Fränkel 🇺🇦🇬🇪I lastly stumbled upon a list of 16 practices to secure your <a href="https://mastodon.top/tags/APIs" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#APIs</a>. In this two-post series, I’d like to describe how we can implement each item with <a href="https://mastodon.top/tags/ApacheAPISIX" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#ApacheAPISIX</a> (or not).<a href="https://blog.frankel.ch/secure-api-practices-apisix/1/" rel="nofollow noopener noreferrer" translate="no" target="_blank">https://blog.frankel.ch/secure-api-practices-apisix/1/</a><a href="https://mastodon.top/tags/Security" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#Security</a> <a href="https://mastodon.top/tags/APISecurity" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#APISecurity</a>

:mastodon: Mike AmundsenShadow APIs are opening organizations to attacks: Report<a href="https://www.csoonline.com/article/1288864/shadow-apis-are-opening-organizations-to-attacks-report.html" rel="nofollow noopener noreferrer" translate="no" target="_blank">https://www.csoonline.com/article/1288864/shadow-apis-are-opening-organizations-to-attacks-report.html</a>"Organizations are either failing to fully defend themselves or are relying on incomplete protection of APIs without real-time visibility" -- <a href="https://mastodon.social/tags/ShwetaSharma" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#ShwetaSharma</a><a href="https://mastodon.social/tags/api360" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#api360</a> <a href="https://mastodon.social/tags/apiSecurity" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#apiSecurity</a> <a href="https://mastodon.social/tags/Observability" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#Observability</a>

Recherches récentes

Options de recherche

Administré par :

Statistiques du serveur :

#apisecurity