API Security Articles

The Latest API Security News, Vulnerabilities & Best Practices

APISecurity.io is a community website for all things related to API security. Our daily news and weekly API Security newsletter cover the latest breaches, vulnerabilities, standards, best practices, regulations, and technology.

Our developer-friendly tools help you to assess how secure your APIs really are and to remediate all vulnerabilities at design and runtime.

Subscribe to the API Security newsletter

By clicking Subscribe you agree to our Data Policy

From the APISecurity.io Twitter

Today @radware discusses four assumptions that prevent effective API protections — worth reading for security teams protecting APIs.

https://blog.radware.com/application-security-4/2022/02/4-assumptions-preventing-effective-api-protection/

Thoughts today on how open APIs can help promote improvements in cloud-based security via higher integrations of disparate systems, and central security management.

https://www.developer-tech.com/news/2022/jun/01/how-cloud-based-security-is-becoming-more-powerful-thanks-to-open-apis/

Mark Cassetta from @axiomatics shares his ideas on policy-as-code and how it can simplify API security via central policies and enforcement points.

https://sdtimes.com/api/how-policy-as-code-can-simplify-api-security/

A report from @PortSwigger indicates that one in every thirteen incidents is due to API insecurity.

https://portswigger.net/daily-swig/one-in-every-13-incidents-blamed-on-api-insecurity-report

API Security weekly newsletter issue #190 is out. Main stories this week from @Akamai on API security, @Indusface with an API security checklist, @radware
on API security overconfidence, and a video from @neilmaddog on JWTs.

https://apisecurity.io/issue-190-akamais-report-on-apis-api-security-checklist-dangers-of-api-security-overconfidence/

From the APISecurity.io Twitter

Today @radware discusses four assumptions that prevent effective API protections — worth reading for security teams protecting APIs.

https://blog.radware.com/application-security-4/2022/02/4-assumptions-preventing-effective-api-protection/

Thoughts today on how open APIs can help promote improvements in cloud-based security via higher integrations of disparate systems, and central security management.

https://www.developer-tech.com/news/2022/jun/01/how-cloud-based-security-is-becoming-more-powerful-thanks-to-open-apis/

Mark Cassetta from @axiomatics shares his ideas on policy-as-code and how it can simplify API security via central policies and enforcement points.

https://sdtimes.com/api/how-policy-as-code-can-simplify-api-security/

A report from @PortSwigger indicates that one in every thirteen incidents is due to API insecurity.

https://portswigger.net/daily-swig/one-in-every-13-incidents-blamed-on-api-insecurity-report

API Security weekly newsletter issue #190 is out. Main stories this week from @Akamai on API security, @Indusface with an API security checklist, @radware
on API security overconfidence, and a video from @neilmaddog on JWTs.

https://apisecurity.io/issue-190-akamais-report-on-apis-api-security-checklist-dangers-of-api-security-overconfidence/