breach analysis

The Business Case for API Security: Why API Security? Why Now?

We are just about to finish yet another year -- 2022. And in terms of cybersecurity and, specifically, API Security, the past 12 months have been quite a challenge for many industries. As with any emerging...

The Perils of Overestimating the Security of Your APIs

In 2019, I hacked 30 bank mobile apps and APIs in coordination with domestic and international financial services and FinTech companies. In 2020-2021, I hacked 30 mobile health (mHealth) apps and FHIR APIs in coordination with healthcare providers, giving me access to thousands of patient records via their APIs due to broken authentication and authorization vulnerabilities. This year, in coordination with federal and state law enforcement agencies, I was able to take remote control of law enforcement vehicles through the automaker’s APIs.