Subscribe for expert insights to protect your applications.
Thanks! Your subscription has been recorded.
The Business Case for API Security: Why API Security? Why Now? We are just about to finish yet another year -- 2022. And in terms of cybersecurity and specifically, API Security, the past 12 months has been quite a challenge for many industries. As with any emerging...
NextRoll Gains 8x Visibility into APIs and Solves API Sprawl It's time for another customer story from Traceable! Today's blog highlights NextRoll's journey to API Security, and specifically their struggle with API Sprawl and gaining visibility into all APIs. Let's...
Cloud DLP: What It Is and Why It's Needed The 21st century has moved data storage practices from traditional modes such as the use of hard drives to incorporate cloud-based methods. Cloud data storage involves storing data in a secure manner on the internet through a...
Sensitive Data Leakage: Defined and Explained We live in a digital world where everything happens on the internet, from filling out important financial forms to online shopping. All such activities require you to fill in some sensitive data via the internet. As more...
OWASP API Top 10 for Dummies: Part III Welcome back to our blog series on the OWASP API Top 10! This is continued from Part I and Part II. If you haven’t read the first two parts in this blog series, check them out! These blogs are written for a non-technical...
Black Friday Cybersecurity: Insights from Traceable Chief Security Officer, Richard Bird. It's that time again -- the season of Black Friday and Cyber Monday, and all the cybersecurity trimmings that come along with them. This time of year, retail and e-commerce shops...
Welcome back to our blog series on the OWASP API Top 10! In Part II, we tackle Lack of Rate Limiting, Broken Function Level Authorization (BFLA), and Mass Assignment.
Read on to discover what a security posture is and tips for strengthening your posture to prevent attacks from causing significant damage.
Many business leaders remain in the dark about the dangers of bot attacks. Let’s learn about how they work, and tips for preventing them.
API Abuse: Types, Causes, and How to Defend Against Them There are a few real-life analogies we can use to describe APIs. One is that they're like doors that provide access to an underlying system. It's an apt security analogy. You want doors to open smoothly and...
OWASP API Top 10 for Dummies Part I Introduction In this blog series I will try to explain the most common threats for APIs using simple analogies. I started thinking about writing this blog last time I was visiting my grandfather. He asked me - “Inon, what do you do...
9 Must-Know Data Security Threats and How to Combat Them Companies across all industries are increasing their use of data and analytics. According to one study, 50% of data and analytics leaders say business intelligence and analytics usage is increasing. What’s more,...
This Halloween, we’re gonna imagine the scariest thing possible: a world that is…suddenly…without APIs! Imagine it. You’re used to scrolling your smartphone, connecting to maps, music, and other apps in your car. You can order ahead on your phone, you can email any...
Cybersecurity Roundup for 10.17.2022: Text4Shell Apache Commons Text vulnerability, Microsoft vulnerabilities and layoffs, and more from Operation Cuckoobees Ramifications of the Apache Commons Text4shell vulnerability, Upheaval at Microsoft, and Operation Cuckoobees...
Traceable's Co-Founder and CEO, Jyoti Bansal Named to the Enterprise Security Tech Cyber Influencer Top 10 List Jyoti Bansal, Traceable Co-Founder and CEO has been named to the Enterprise Security Tech Cyber Influencer Top 10 List and we are super excited by the...
API Security Innovation - A Security Executive Perspective Last week, Traceable’s Chief Security Officer, Richard Bird, sat down for a fireside chat to discuss API security innovation and give his perspectives on the industry, emerging threats, and where API security...
Cybersecurity Roundup for the Week of 10.10.2022: Thoma Bravo Completes Yet Another Acquisition, More API Vulnerabilities, and a US Airport Cyberattack This week, Thoma Bravo, Vista Equity and Thales made headlines on their latest rounds of acquisitions. Aqua Security...
Traceable Named a "Leader" in the 2022 GigaOm Radar for API Security Traceable has been named a Leader in the GigaOm Radar Report for API Security, and we are thrilled to be included and acknowledged in this emerging space! GigaOm Considerations for Leadership In...
This week brought us the Uber Conviction, new CISA rules on asset discovery scanning, and more details in the ransomware attack on the Los Angeles School District. Uber’s former chief security officer convicted over cover-up of 2016 data breach where hackers...
Traceable’s own Andrew Wesbecher discussed the importance of API security in the new, API-driven landscape of software development.
Cybersecurity Awareness Month 2022: New Theme, New Perspective It’s that time of year again – cybersecurity awareness month! This year’s CISA theme is See Yourself in Cyber. The intention is to bring awareness to the more human aspects of cybersecurity. Specifically,...
Attack on unauthenticated API endpoint at Optus, CISA’s Warning on Cyber Risk, and Another perspective on the Uber hack. This week witnessed an API endpoint attack at Optus. Optus is an Australian telecommunications company headquartered in New South Wales. It is...
Traceable September Webinar Lineup Here at Traceable, we’re working hard to bring you informative content and webinars, guaranteed to help inform your API security decisions. This month, we have quite the lineup of exciting topics to share. API Sprawl: What It Is and...
Even with essential safeguards in place, websites can be vulnerable. Let’s learn what an API failure is, what causes them and how to fix them.
Today, we are excited to announce API Security Testing! This addition to our API Security platform brings fully automated, closed-loop security testing to organizations’ APIs. We all remember the famous phrase of Andreessen Horowitz, “Software is eating the world”. It...
Smart companies use APIs to serve their clients. Whether the user is using a web browser or a mobile app, they're probably talking to an API. They make it easier to upgrade the user experience, add new products, and talk to new businesses and new markets. But APIs...
When people think of software architecture, they often picture layers of code. But in recent years, there's been a shift from this model—known as the monolithic approach—toward a more modular development style. This new approach, known as microservices, has given rise...
The Black Hat Conference for 2022 has concluded and, once again, there was no shortage of new emerging security technologies, informative sessions, and broader concerns surrounding APIs, data security, the software supply chain and code security. The conference was...
Today, we are excited to announce enhanced data protection capabilities in our API Security platform component, API Protection! This update focuses on providing proactive protection against deeper and broader API abuse attempts that lead to fraud, and the compromising...
eBPF promises to radically advance what our infrastructure, application, and security tools will be able to do. Here’s some background on what eBPF is, how it works, and why Traceable is the leading API Security solution working with eBPF.
Zero trust security is the best answer to modern security threats. Learn how to adopt a zero trust security model in your applications and how Traceable AI can help.
It’s difficult to implement all the best practices for every possible attack vector, especially since new vulnerabilities are always being discovered. That doesn’t mean you shouldn’t try.
This post will walk you through how to create a next js serverless app from scratch. You’ll learn how to combine and use Next.js and MongoDB.
MITRE takes a step back and looks at the behavior of an attacker instead of just a specific signature or IP address. It looks from the attacker perspective and discerns the behavior.
This year’s RSA Conference was the first time that API Security became a primary focus.
Shift left is not just about shifting your tools and process but the knowledge as well.
Today, we are excited to announce the new functionalities of API Catalog, Traceable’s API discovery and risk posture management solution! We have witnessed, first hand, a new shift within the software development industry, one that hasn’t been addressed fully by the...
What are GraphQL Fragments? How can you take advantage if them to write cleaner code and more efficient applications? Find out here.
Agents-based gathering methods have evolved and matured to listen for and record deeper and wider to ascertain more data-driven insights and analysis.
To stay relevant as a cybersecurity professional, you need to understand the microservices and what are the changes in architectures and APIs and how they can be attacked.
We will continue to invest in building unassailable API security that operates at hyperscale for complete API discovery, posture management, protection, and operational analytics.
In this post, we’ll look at API latency including how you measure it, the difference between API response time and API latency, and more.
The beginning of defining a framework for what requirements a good API security solution should meet. Intended to encourage a healthy discussion and be a tide that lifts all boats in getting to a more secure API-driven future.
Organizations must understand all the APIs in their ecosystems, as well as the specific risks associated with each of them to both detect and protect against attacks.
Cyberspace is the ultimate equalizer where it doesn’t matter how much money or resources a company has, everyone is equally vulnerable to a breach.
Thinking about how to secure microservices? In this article you’ll find 6 things you can’t forget when it comes to microservices security.
Serverless vs containers: Which one is right for your application? Learn more about these two main approaches to deploying applications.
This post explains what a CRUD API is and how to apply it to different use cases to protect and interact with data in very specific ways.
We now have advanced tools that can make threat hunting easier and more accessible. In this post, learn about 5 threat hunting tools for API security.
Learn what DDoS is and what it can do to your API endpoints, how to mitigate DDOS attacks, and build a security response.