New & Notable
Web application and API security best practices News
October 09, 2019
Twitter used two-factor authentication information, including email addresses and phone numbers, to target ads for an unknown number of people over an unknown period of time.
May 22, 2019
Google disclosed two separate incidents in which G Suite passwords were stored insecurely, and in one of those incidents, the passwords were stored improperly for 14 years.
April 30, 2019
Since the start of 2018, Facebook has had a seemingly constant cascade of security issues and privacy scandals. Here's a look back at the social media giant's most serious issues.
November 16, 2018
The promised integration with Have I Been Pwned is expanding in Firefox Monitor with new breach alerts when a user visits a recently compromised website.
Web application and API security best practices Get Started
Bring yourself up to speed with our introductory content
A session key is an encryption and decryption key that is randomly generated to ensure the security of a communications session between a user and another computer or between two computers. Continue Reading
Enterprises increasingly rely on APIs to interact with customers and partners. It all starts by knowing which type of API is right for your needs. Continue Reading
As with any software development cycle, API security must be built in from the start. Follow these guidelines to design, deploy and protect your APIs. Continue Reading
Evaluate Web application and API security best practices Vendors & Products
Weigh the pros and cons of technologies, products and projects you are considering.
Bot management tools can help enterprises combat bad bots, prevent web and image scraping, and ensure ethical data use -- all while maintaining a positive end-user experience. Continue Reading
When trying to maintain balance between security and privacy in an AI-enabled world, who decides which side should tip and when? So continues the security vs. privacy debate. Continue Reading
A Web application (Web app) is an application program that is stored on a remote server and delivered over the Internet through a browser interface. Continue Reading
Manage Web application and API security best practices
Learn to apply best practices and optimize your operations.
API security often feels complicated. However, your IT team will go a long way in securing its services if it avoids these common pitfalls in API design and implementation. Continue Reading
SSL/TLS security is continuously improving, and there are steps site owners should take to ensure the safety of their SSL certificates, websites and users. Read on to learn more. Continue Reading
In microservices and service mesh environments, communications don't follow static paths. As such, security teams must update their application threat modeling methods. Continue Reading
Problem Solve Web application and API security best practices Issues
We’ve gathered up expert advice and tips from professionals like you so that the answers you need are always available.
Unwanted pre-installed software -- also known as bloatware -- has long posed security threats for computers and other devices. Here are strategies for how to detect bloatware and uninstall the potential threat. Continue Reading
Exploiting an HTTP request smuggling vulnerability can result in the inadvertent execution of unauthorized HTTP requests. Learn how to defend web environments from this attack. Continue Reading
Read up on types of buffer overflow attacks, and learn secure coding best practices that prevent such vulnerabilities, as well as post-deployment steps to keep apps and websites safe. Continue Reading