APIs Have Changed – and They’re Changing the Security Landscape

The push for digital transformation has impacted just about every industry across the globe, and APIs are a key enabler for this transformation. Since applications have been using APIs for a couple decades, we haven’t been as aware of how the security implications have evolved as we are when we ...

3 Reasons You Might Be Failing at API Security

APIs have been around for the better part of 20 years and have evolved significantly since the early days when a limited set of companies used APIs to address a limited set of needs. In recent years, use has exploded, with APIs becoming increasingly prevalent in the application environments of ...
APIs Have Broken Your Security

Building API Context with a New Tech Talk Video Series

Today we’re kicking off a new tech talk video series called Building Context, where we’ll be covering a range of topics around APIs and API security. In this first episode, Michael Isbitski, Salt Security Technical Evangelist, joins and brings a wealth of knowledge from his five years on the Gartner for ...

Open Banking – Security Implications of the Global Trend

Open banking originated and is most evolved in Europe, but its concepts have reached just about every corner of the globe with financial services and FinTech companies around the world taking notice. While lots of companies do not yet fall under specific open banking regulations, many have used its constructs ...

Lessons from the FinTech Trenches Securing APIs at Finastra

On a recent webinar with Security Boulevard, we were fortunate to host Nir Valtman, Finastra head of product and data security, to share insights into his API security journey. You can view the entire session on the Salt YouTube channel, and here are some of the highlights from the discussion: 1:49 ...

5 Takeaways from Gartner Report: API Insights for Software Engineering Leaders

Engineering leaders have a lot on their plate, and keeping up with the latest technologies and security requirements can be a challenge. With the proliferation of APIs in all modern applications, understanding the ins and outs of APIs is more critical than ever. Gartner analysts Mark O'Neill and Shameen Pillai recently ...

Securing APIs – It’s Different Than Securing Apps

I recently tuned into a CISO panel discussion and one of the panelists said something that struck me – “Application security today is less about the applications and more about the APIs.” On one side, that’s a perspective I take for granted, so I thought he was stating the obvious ...

Is OAS Enough For API Security?

The OpenAPI Specification (OAS) (fka Swagger Specification) is a way to describe and create API documentation for REST APIs along with their components such as details on endpoints, their operations, parameters needed for the operations, expected responses for every operation, authentication methods, and annotations. The OAS is an easy format ...
API Security With A Pinch Of Salt

What Are JWTs And Are They Vulnerable To Attacks?

It’s time for episode number 5 of API Security With A Pinch Of Salt and in this episode Chris, Adam, and Ran talk about JSON Web Tokens (JWTs), an open standard (RFC 7519) that defines a compact and self-contained way for securely transmitting information between parties as a JSON object. JWTs ...
OWASP API Security Top 10 by Erez Yalon & Inon Shkedy

What Is The OWASP API Security Top 10

The Open Web Application Security Project has been around since 2001 and is best known for the OWASP Web Application Security Top 10 which has set the standard for how organizations have approached security to protect traditional web applications. The OWASP Top 10 projects are community driven and experts from ...