API security

API security is the cornerstone of a connected business’ identity and access management strategy. As more apps move into the cloud and connections between services become standard, APIs drive business growth, connect clients with their customers, and stimulate technological advancement. A comprehensive strategy for APIs requires thoughtful security measures.

What Is an API?

API is an acronym that stands for “application programming interface,” and it allows apps to send information between each other. While there are numerous protocols and technologies involved, the underlying purpose of APIs is always the same: to let one piece of software communicate with another.  APIs (sometimes described as web services) work in…

What Is a Data Breach?

A data breach happens when cybercriminals gain unauthorized access to a system or network, allowing them to search for sensitive data pertaining to a business and its customers, and using it to extract some form of illegal value. Attackers might sell this data on the dark web, directly engage in fraud, hold the information for ransom, or use it to…

API Security Threats in the Real World

When we think of compromised API security, we typically see an image of a hoodie-wearing hacker toiling away in a darkened room, targeting a bank’s server. We can imagine them compiling a custom tool, launching it against the system, and celebrating as your 401k becomes theirs. Alternatively, we may even picture armies of hackers using…

Want to Be Part of the API Economy? Don’t Forget Your API Access Management

The growth of organizations like Uber and Airbnb has shone a spotlight on the rapidly developing application programming interface (API) economy. These two organizations—and hundreds of others like them—have found success with their disruptive business models because, rather than trying to reinvent the wheel each time, they’ve capitalized on…

5 Approaches to API Security

The goal when implementing API security is to safely ensure the right people and systems have access to the right things to accomplish their task in the shortest time necessary. In this blog we’ll take a quick look at the pros and cons of the 5 approaches to API security described in greater detail within our white paper, API Security from…

OAuth: When Things Go Wrong

Picture this: you sign up for a new app, and it asks if any of your friends are using it. In order to find out, the app asks for your email address...and your password. While it seems ludicrous now, this was once considered a normal user flow. But many apps still need permissions from third-party programs. And if users can’t do this safely, they…

Using SIEM and Identity to Protect Against Data Breaches

“We are what we repeatedly do“ is a common paraphrase of Aristotle—though if he were around today, his sentiment might be more like “we are what we search, click, or connect to.” As security professionals well know, there’s a lot to learn from how we use technology. The interactions between users, applications, networks, devices, and APIs all…

The Connective Tissue: How APIs Drive Business Growth

Most of the pivotal developments in human history have facilitated better connection. From written language to the Gutenberg printing press, whenever we improve our communication, society as a whole leaps forward. In the digital era, the internet revolutionized our lives by enabling instant global communication. This paved the way for what could…

Archive