API Security Articles

The Latest API Security News, Vulnerabilities & Best Practices

APISecurity.io is a community website for all things related to API security. Our daily news and weekly API Security newsletter cover the latest breaches, vulnerabilities, standards, best practices, regulations, and technology.

API Security Encyclopedia provides details on possible security issues in API contracts and how to remediate them, and our tools help you evaluate how secure the APIs you are working on actually are.


From the APISecurity.io Twitter

Last week was AWS re:Invent and in the keynote CTO Werner Vogels addressed 6 rules for good API design — good to see APIs receiving the prominent attention they deserve.

https://thenewstack.io/werner-vogels-6-rules-for-good-api-design/

As we head to the end of the year a recap of some big API security breaches in 2021 — "For as long as security remains an afterthought in the development life cycle, hackers will continue to successfully exploit API security flaws."

https://securityboulevard.com/2021/11/biggest-api-security-attacks-of-2021-so-far/

"The disconnect between the necessity of application programming interfaces (APIs) and their horrible reputation as security black holes" — views from @cisco's Vijoy Pandey on API security in @techrepublic

https://www.techrepublic.com/article/how-well-do-you-know-your-apis-not-well-enough-says-cisco/

Seven reasons your API security is failing — most important for me is "Putting the onus of API security on the developer"

https://amazicworld.com/7-reasons-your-api-security-strategy-is-failing-how-to-fix-it/

API Security weekly newsletter issue #162 is out. Main stories this week from @hackernews on GCP vulnerabilities, @kcblogumi on GraphQL, André Rainho's Awesome API security list, and @AppSecEngineer on API security training.

https://apisecurity.io/issue-162-compromised-googe-cloud-accounts-graphql-as-api-gateway-api-security-guide-and-training/
