API Security Newsletter

Subscribe to the weekly API Security Newsletter

By clicking Subscribe you agree to our Data Policy

Subscribe to the weekly API Security Newsletter

By clicking Subscribe you agree to our Data Policy

Get live news from our twitter feed

#API #Security #Newsletter issue #6 is out. Top stories by @pingidentity, @TheRegister, @xargsnotbombs, @balaganski / @kuppingercole, @ErickaChick / @DarkReading https://t.co/JeWWdiuvm6

Do not trust surveys. According to one by @pingidentity, if a company gets a data breach 78% of customers will stop interacting with it online and 36% will never use it at all. Yet, we are not seeing #T-Mobile or #BritishAirways shares drop post-breaches. https://t.co/zaHBB7ioMW

#Steam gaming service had an API vulnerability in license generation API. Anyone registered at their partner portal could call their /partnercdkeys/assignkeys/ with unexpected param values and get thousands of keys to use or resell. https://t.co/3ktC32c1lr via @TheRegister

We have already covered "Illustrated TLS" site by @xargsnotbombs. It had step-by-step illustration of how 1.2 works. Now, he has launched a version of the site for TLS 1.3! Quite a few changes in the protocol so go check it out. https://t.co/bWL95u8sRc

#DevSecOps piece by @kuppingercole's @balaganski: The days of relying only on a WAF are over, need API Security-specific solutions. Microservices are containers + APIs. Security strategy need to include: #containers, #APIs, #microservices, #data https://t.co/OtiSXg6C1e

Have feedback or a story to share? Get in touch.