When it comes to API development, what matters is not just whether you test for security gaps but also when you test your APIs. Testing only prior to deployment can lead to serious vulnerabilities. Discover how developers can build API security into the design with Shift Left API Security Testing, and identify flaws early...
According to a recent survey conducted by Noname Security, 41% of organizations experienced an API security incident in the last 12 months and 63% of the incidents involved a data breach or data loss. Filip Verloy, technical evangelist, EMEA at Noname Security, says that “tighter integration of API
Noname Security has released its new API Security Trends Report and - no surprise - API usage has grown exponentially. The bad news: So have API attacks by opportunistic adversaries. Karl Mattson of Noname discusses the report and some new ways of approaching API security.
Digital transformation has made enterprises more dependent than ever on APIs. And as a result, API security is now more critical than ever. Roey Eliyahu of Salt Security discusses API attacks, misconceptions and what's truly needed in an effective API security solution.
There were no CISOs when Marene Allison started her career. There was not even a cybersecurity discipline. But starting with a distinguished stint in the military, she has progressed through the public and private sectors - including time with the FBI - to become CISO for Johnson & Johnson.
SonarSource has raised $412 million on a $4.7 billion valuation to establish a physical presence in Asia and increase its wallet share with existing customers. The company wants to open an office in Singapore and pursue opportunities in China, South Korea, Taiwan, Singapore, Japan and Australia.
Gartner heaped praise on Synopsys for having the most complete vision and strongest execution ability around application security testing, while Checkmarx took the silver. Veracode was awarded bronze for its execution ability, while HCL Software took the bronze for completeness of vision.
Speaking about his role as managing director, business information security, at financial giant State Street, TJ Hart says, "I wake up nervous, and I go to bed nervous." But he channels that energy into trying to better understand the threat landscape and use that data to make better business risk decisions.
Leon Ravenna, CISO of KAR Global, starts each day on the job with the expectation that this could be his last. That's how urgent cybersecurity has become, and it's in part why he's driven to dispatch the image of the CISO as the bureaucratic "Dr. No."
Ransomware and nation-state threats are daunting. But the threat that concerns Mustapha Kebbeh the most is supply chain risk. The Brinks CISO discusses how he has tackled this, as well as the challenges of tool complexity and peer collaboration.
Obsidian Security has closed a Series C funding round to prevent session hijacking on more platforms and increase the number of SaaS applications being defended. Obsidian wants to go from protecting 25 major SaaS applications today to safeguarding hundreds of SaaS applications in a year or two.
Ronin Network, which powers the popular NFT game Axie Infinity, announced it had been the victim of a security breach that amounted to about $615 million in stolen funds. The company tweeted that the attacker's wallet had been connected to Binance and that an investigation is currently underway.
Digital transformation and application modernization are exponentially driving up the use of APIs. We’re using more APIs than ever, and they’re more functional than ever. They’re also more attractive to hackers than ever, but lots of organizations are hanging onto old ways of thinking about API security.
In the latest weekly update, four editors at ISMG discuss important cybersecurity issues, including the lessons we can learn from Okta's breach fallout and subsequent response, how the first NFT rug pull of 2022 has amounted to over $1 million, and the much-anticipated return to in-person events.
The disruption of tens of thousands of Viasat consumer broadband modems across central Europe on Feb. 24 when Russia invaded Ukraine may have involved "AcidRain" wiper malware, security researchers at SentinelOne report. Viasat says those findings are "consistent" with the known facts of the attack.