API Security in 2023: Major Insights from Postman’s State of the API Report
📣 Good news for all tech enthusiasts! The highly anticipated 2023 State of the API Report, conducted by Postman – one of the leading dev tools for building APIs, is now available ...
2023 OWASP Top-10 Series: Introduction
In early June 2023, OWASP released the final version of the OWASP API Security Top-10 list update. At that time we published a “hot take” on this final version and followed that ...
Wallarm at Black Hat USA 2023 Booth #3131
Wallarm is excited to be back at Black Hat USA this year and meet with our friends in the community wanting (or perhaps needing) to learn more about integrated web app and ...
Q2-2023 API ThreatStats™ Report: API Exploits Are Everywhere: from NVIDIA to Reddit and more!
Our Q2-2023 API ThreatStats™ report is out. It provides API builders, defenders, breakers, and decision-makers with a comprehensive look at the API security vulnerabilities, threats and exploits reported this past quarter. This ...
Maximizing Performance with Wallarm Filtering Nodes in Amazon’s Global Infrastructure
Introduction In today’s digital landscape, ensuring the security and performance of web applications is paramount. To achieve optimal protection against cyber threats, organizations deploy web application and API protection (WAAPs) like Wallarm ...
Introducing Integrated API Abuse Prevention to Combat Bad Bots
In recent years there’s been a rise in “API Abuse” attacks, which includes detrimental automated behaviors such as malicious bots, account takeover (ATO), credential stuffing, application layer (L7) DDoS, data scraping, and ...
GCP ESPv2 Hit with Critical API Authorization Bypass CVE-2023-30845
Ivanwallarm | | API security, CVE-2023-30845, cyberattacks, Different attack types, JWT Authentication
This post delves into a very impactful JWT Authentication Bypass vulnerability (CVE-2023-30845) found in ESP-v2, an open-source service proxy that provides API management capabilities using Google Service Infrastructure. This vulnerability allows malicious ...
What You Need To Know About The MOVEit
The MOVEit Vulnerabilities and Latest Exploits. Impact On Governmental Agencies And Large Organizations Governmental agencies and large organizations around the world are being hit by ransomware attacks exploiting several vulnerabilities in MOVEit, ...
OWASP APIsec Top-10 2023 Is Here | API Security Newsletter
Welcome to our May API newsletter, recapping some of the events of last month. As the old proverb goes, April showers bring May flowers – and this means the bees at the ...
Holistic API Security Strategy for 2023
In the digital landscape of 2023, Application Programming Interfaces (APIs) have taken center stage in business operations. APIs act as the backbone of many digital services, enabling software applications to communicate and ...