Subscribe for expert insights to protect your applications.
Thanks! Your subscription has been recorded.
Sensitive Data Exfiltration: The New Nemesis of API Security This past year has brought many different industries some of the worst data breaches in history, and API data breaches have topped that list. Large companies such as T-Mobile, Optus, and several automotive...
Traceable Announces Commitment to Respecting Data by Becoming a 2023 Data Privacy Week Champion This year’s initiative emphasizes educating businesses on data collection best practices that respect data privacy and promoting transparency. Data Privacy Week is an...
Introduction - What is API Abuse? API Abuse has recently become an important topic among security professionals, and for good reason. In the past two years, we’ve seen large scale data breaches happen as a result of APIs being abused and misused in some way. API Abuse...
A Modern Approach to API Governance: Challenges and Recommendations Introduction With any IT system, old or new, adequate risk management is critical for sufficient system protection, prioritizing of issues, data privacy, and making sure appropriate compliance...
This article will go over how defense in depth and layered security work as well as the benefits of using them.
In today’s post, we’ll guide you through the modernization of your legacy application and determine if it’s something you should implement.
In this post, you’ll learn some essential tips and tricks about planning your cloud security architecture.
The Business Case for API Security: Why API Security? Why Now? We are just about to finish yet another year -- 2022. And in terms of cybersecurity and specifically, API Security, the past 12 months has been quite a challenge for many industries. As with any emerging...
Cloud DLP: What It Is and Why It's Needed The 21st century has moved data storage practices from traditional modes such as the use of hard drives to incorporate cloud-based methods. Cloud data storage involves storing data in a secure manner on the internet through a...
Sensitive Data Leakage: Defined and Explained We live in a digital world where everything happens on the internet, from filling out important financial forms to online shopping. All such activities require you to fill in some sensitive data via the internet. As more...
OWASP API Top 10 for Dummies: Part III Welcome back to our blog series on the OWASP API Top 10! This is continued from Part I and Part II. If you haven’t read the first two parts in this blog series, check them out! These blogs are written for a non-technical...
Black Friday Cybersecurity: Insights from Traceable Chief Security Officer, Richard Bird. It's that time again -- the season of Black Friday and Cyber Monday, and all the cybersecurity trimmings that come along with them. This time of year, retail and e-commerce shops...
Welcome back to our blog series on the OWASP API Top 10! In Part II, we tackle Lack of Rate Limiting, Broken Function Level Authorization (BFLA), and Mass Assignment.
Read on to discover what a security posture is and tips for strengthening your posture to prevent attacks from causing significant damage.
Many business leaders remain in the dark about the dangers of bot attacks. Let’s learn about how they work, and tips for preventing them.
API Abuse: Types, Causes, and How to Defend Against Them There are a few real-life analogies we can use to describe APIs. One is that they're like doors that provide access to an underlying system. It's an apt security analogy. You want doors to open smoothly and...
OWASP API Top 10 for Dummies Part I Introduction In this blog series I will try to explain the most common threats for APIs using simple analogies. I started thinking about writing this blog last time I was visiting my grandfather. He asked me - “Inon, what do you do...
Applications on the internet today rely a lot on third-party integrations. And why shouldn’t they, when it helps developers focus more on the core product than tangling with different features? For instance, you could use a simple tool to handle your email marketing campaigns, or you could use a third-party payment provider to handle all the payments on your website.
Enterprises need to look beyond Web Application Firewalls to protect against API vulnerabilities
OWASP has been the face of web application security for almost 20 years. One of the most widely known contributions to the industry is the OWASP Top 10 List.
Web Application Security is security for web apps, right? As with many technical topics, there are plenty of rabbit holes to dive into when discussing web application security, but let’s focus on the critical questions many have about it.