API Security in 2023: Major Insights from Postman’s State of the API Report
📣 Good news for all tech enthusiasts! The highly anticipated 2023 State of the API Report, conducted by Postman – one of the leading dev tools for building APIs, is now available. This comprehensive report, produced annually, is backed by an extensive survey and offers a deep dive into the ... Read More
2023 OWASP Top-10 Series: Introduction
In early June 2023, OWASP released the final version of the OWASP API Security Top-10 list update. At that time we published a “hot take” on this final version and followed that up with an in-depth look at the new risk ratings for 2023. Today we’re kicking off a multi-post ... Read More
Wallarm at Black Hat USA 2023 Booth #3131
Wallarm is excited to be back at Black Hat USA this year and meet with our friends in the community wanting (or perhaps needing) to learn more about integrated web app and API protection. We look forward to seeing you there! Expo Hours If you’re attending in person, the Business ... Read More
Q2-2023 API ThreatStats™ Report: API Exploits Are Everywhere: from NVIDIA to Reddit and more!
Our Q2-2023 API ThreatStats™ report is out. It provides API builders, defenders, breakers, and decision-makers with a comprehensive look at the API security vulnerabilities, threats and exploits reported this past quarter. This report provides everyone involved in API development, security and strategy with actionable intelligence to strengthen their API security ... Read More
Maximizing Performance with Wallarm Filtering Nodes in Amazon’s Global Infrastructure
Introduction In today’s digital landscape, ensuring the security and performance of web applications is paramount. To achieve optimal protection against cyber threats, organizations deploy web application and API protection (WAAPs) like Wallarm. However, to truly leverage the benefits of Wallarm, deploying filtering nodes closest to the client using Amazon’s global ... Read More
Introducing Integrated API Abuse Prevention to Combat Bad Bots
In recent years there’s been a rise in “API Abuse” attacks, which includes detrimental automated behaviors such as malicious bots, account takeover (ATO), credential stuffing, application layer (L7) DDoS, data scraping, and more. For instance, in April-2021 malicious actors scraped the personal data of over 533 million Facebook users, including ... Read More
What You Need To Know About The MOVEit
The MOVEit Vulnerabilities and Latest Exploits. Impact On Governmental Agencies And Large Organizations Governmental agencies and large organizations around the world are being hit by ransomware attacks exploiting several vulnerabilities in MOVEit, a widely used file transfer solution. The situation is highly dynamic, with a 3rd zero-day vulnerability disclosed as ... Read More
OWASP APIsec Top-10 2023 Is Here | API Security Newsletter
Welcome to our May API newsletter, recapping some of the events of last month. As the old proverb goes, April showers bring May flowers – and this means the bees at the Wallarm hive have been in full foraging mode and the honey is flowing: lots of updates & improvements ... Read More
OWASP API Security Top-10 for 2023 Risk Ratings
As you know by now, the final version of the OWASP API Security Top-10 2023 has been released. At first blush, the final 2023 release seems to retain most of the changes in category naming, language and intent from the 2019 edition which we saw in the RC version. In ... Read More
OWASP API Security Top-10 Risks for 2023 Released
Back in April we took an in-depth look at the proposed OWASP Top-10 API Security Risks list for 2023. This Release Candidate (RC) contained a few changes from the 4-year-old version, most notably: Well, it appears the final version of the OWASP API Security Top-10 2023 has been released, although ... Read More
