The inside trace.

FEATURED
Navigating the Nebulous: State of API Security Reveals Recommendations for Secure API Ecosystems
Tags: State of API Security

FEATURED
Unveiling the 2023 State of API Security: A Panoramic Industry View
The 2023 State of API Security: A Global Study on the Reality of API Risk: This report is a labor of profound research and hard work, delving into intricate matters such as API-related data breaches, the growing concern of API sprawl, API ownership, and the risks of fraud and abuse, as well as the growing role of Zero Trust in API Security initiatives.
Tags: company, foundations, News

FEATURED
11 Reasons Your WAF Can’t Secure Your APIs
WAFs are designed to protect your web applications from web application attacks. But they leave you vulnerable to API attacks. This blog discusses the 11 things that WAFs don't do that are needed to properly protect APIs.
Tags: foundations, API Security, app security, technology

FEATURED
Manage your external attack surface with new Traceable Sonar
Traceable Sonar efficiently identifies and catalogs these assets, granting security teams a panoramic view of their external attack surface. But it doesn't stop at discovery. Sonar delves deep into these assets, pinpointing vulnerabilities an attacker might exploit. By mirroring the probing techniques attackers use, Traceable Sonar equips organizations with critical insights into potential security loopholes.
Tags: Releases, API Security

7.29.2023
The 2023 Cost of a Data Breach Hits $4.45 Million: Inside IBM’s Latest Report
Explore key insights from IBM’s “2023 Cost of a Data Breach Report” in our latest blog post. We delve into the escalating costs of data breaches, the importance of strategic security investments, and the role of AI and automation in mitigating these costs.
Learn about the significance of secure software development practices, including API security, in enhancing your organization’s cybersecurity posture.
Tags: API Security, News

7.29.2023
Customer Story: Fintech company reduces attack surface by 10x with Traceable’s API Security Platform
We recently sat down with one of our Fintech customers to discuss their API security journey. Providing digital investment and transaction services, this Fintech company needed to solve for its rapidly expanding attack surface. In this blog, we’ll summarize their journey with Traceable, providing highlights about how they discovered and secured tens of thousands of APIs in a distributed ecosystem, eliminating manual methods in favor of automatic API cataloging and protection.
Tags: API Security, customer story

7.29.2023
Key Takeaways from Forrester’s 2023 State of Application Security Report
Explore the key insights from Forrester’s State of Application Security report 2023 in our latest blog post. We delve into the complexities of application security, the rise of Software Composition Analysis (SCA), and the importance of API security in today’s digital landscape. Learn about the Shift-Everywhere movement and how it’s shaping the future of application security. This comprehensive analysis is a must-read for anyone looking to understand the current trends and challenges in application security.
Tags: API Security, app security

7.26.2023
The Anatomy of an API Abuse Attack: A Hacker’s Process Unveiled
Unlock the secrets of API abuse attacks with our comprehensive blog post. Explore the anatomy of these cyber threats, from reconnaissance to data exfiltration, and delve into the extended threat landscape. Learn about advanced protective measures, industry standards, and regulations to fortify your API security. Enhance your understanding of API vulnerabilities and arm your organization with the knowledge to counteract malicious activities.
Tags: foundations, API Security

7.1.2023
A Deep Dive Into API Security: Unpacking Traceable’s Definitive API Security Guide
As we navigate through the increasingly digital landscape of the 21st century, APIs have become the unseen threads that stitch together our interconnected world. They underpin our web applications, mobile apps, and the Internet of Things (IoT), enabling different software to talk, share, […]
Tags: foundations, API Security

7.1.2023
Data Loss Prevention in an API-Driven World
Preventing data loss has become incredibly challenging in an API-driven world. Companies lock down sensitive data internally with access controls, encryption, data classification and data loss prevention (DLP) platforms. They typically safeguard web applications with application security tooling or Web Application Firewalls (WAF). Cloud security is often implemented with dedicated secure access service edge (SASE) architectures, including cloud access security brokers (CASBs).
Tags: Data Security, zero trust, foundations, API Security

7.1.2023
40% of Organizations Do Not Have an API Security Solution – Here’s What That Means
At the 2023 RSA Conference, a survey conducted by Traceable brought some troubling facts to the surface about how organizations are handling their API security — a theme that has become ground zero in cybersecurity circles.
Tags: API Security, News

7.1.2023
5 Cybersecurity Leaders to Follow in 2023
These are five cybersecurity leaders you should follow in 2023. Their contributions to the field have revolutionized our understanding of cybersecurity and paved the way for the next generation of cyber professionals.
Tags: API Security, News

6.30.2023
Why APIs are a Gateway for Credential Stuffing Attacks
This informative piece is a must-read for decision-makers in the cybersecurity industry looking to bolster their defenses against API abuse and credential stuffing attacks.
Tags: API Security

6.26.2023
Recent MOVEit Exploits: SQL Injection to Web Shell to Data Exfiltration
In the last few weeks, the security community has been shaken by a series of exploits targeting MOVEit, a popular file transfer software. These incidents have exposed critical vulnerabilities, allowing threat actors to compromise sensitive data and exploit organizations ranging from the BBS to several arms of the US Government.
Tags: breach analysis, API Security, app security, News