Dear Reader,
Times of crisis often reveal unexpected truths. For example, the guys that do the work in the background do not get enough support for a good outcome.
The same is true in cybersecurity. Application Programming Interfaces (APIs) keep our highly connected world running but are mostly neglected when it comes to cybersecurity. This newsletter, in cooperation with our friends at Imvision, is dedicated to these connection workhorses.
Imvision is currently hosting a series on API security. The first session happened last week. You will find the summary of what was discussed here in our newsletter. There is still time to register for the upcoming events on Oct 20th and November 3rd.
Best regards
Patrick Boch & Lou Covey Editors |
| |
Re-imagining API security
The current series of API security events focuses on how teamwork, increased visibility and automation can put companies in charge of their API security.
The first session was moderated by our US-Editor Lou Covey with some insights into API security from Forrester and a case study by Raiffeisen Bank International - read the articles below. |
| |
Taking charge of the API security lifecycle |
Modern enterprises have become API machines - for a good reason. But if not properly secured, APIs may be come a vulnerability rather than an asset. Learn how to take… |
|
| |
Is ‘API Security’ an oxymoron? |
In the first executive event on API security, Sandy Carielli from Forrester focused on API security from a development perspective - read her conclusion in our exclusive coverage. |
|
| |
Building a collaborative security team: Case Study |
Solving cybersecurity issues can boil down to a single weakness: personnel, but hiring qualified security workers is hard when you don’t know what skills are needed. Building from within with… |
|
| |
Application Security in the API-first era
The previous series, also a 3-part webinar, was focusing on the adjustments that leading global executives are making to their organizations’ security posture in response to changes brought about by the API-first era. Here's the summary articles from those sessions.
|
| |
Rethinking application security in the API-first era |
Securing applications can be an uphill battle. As development accelerates, accountability becomes unclear, and getting controls to operate becomes a challenge in itself. Securing tomorrow's applications begins with assessing the business risks today. It’s time that we as security leaders rethink our application security strategies to reflect new priorities, principles, and processes in the API-first era. |
|
|
| |
Four best-practices for introducing new application security standards to secure APIs |
Modern enterprises face significant challenges when it comes to establishing new organizational processes, in light of the expanded cybersecurity landscape of the API-first era. While these challenges may be impossible to solve completely, enterprises must strive to overcome them -- or at least get a handle on them -- to the greatest extent possible. |
|
|
| |
API Security: Teamwork makes the dreamwork |
During the past decade, the use of APIs within development has steadily increased. According to Moshe Zioni, Director of Threat Research for Akamai, we see a 1:8 ratio of API to normal HTTP attacks, disproportionate to the population of APIs. As the use of APIs increases, so do attacks against them. |
|
|
| |
Cybercrime basics
Of course, API security isn’t our only topic at Cyber Protection Magazine. We’ve introduced the Cybersecurity Cheat Sheet, and a new series explaining what the criminals are up to. First topic: Smishing.
|
| |
Scam Bucket: Phishing, Smishing: It’s mostly Facebook’s fault |
Smishing is the latest and growing version of phishing. In this case, it is using text messaging platforms to gather passwords and identities and deliver malware. Read more in our… |
|
| |
Thanks for reading and if you liked our newsletter, please share it with friends and colleagues. |
| |
Cyber Protection Magazine
https://cyberprotection-magazine.com
| |
|