Web application and API security best practices
Browse this section for the latest news, expert advice and learning tools on web application security, including web application testing, as well as API security best practices.
New & Notable
Web application and API security best practices News
-
August 20, 2021
20
Aug'21
Real estate firm turns to AI vendor for API security
API security is under scrutiny as businesses digitally transform, and startup vendors are emerging with fresh approaches for secure cloud computing.
-
October 09, 2019
09
Oct'19
Twitter 2FA data 'inadvertently' used for advertising
Twitter used two-factor authentication information, including email addresses and phone numbers, to target ads for an unknown number of people over an unknown period of time.
-
May 22, 2019
22
May'19
G Suite passwords insecurely stored in two separate incidents
Google disclosed two separate incidents in which G Suite passwords were stored insecurely, and in one of those incidents, the passwords were stored improperly for 14 years.
-
April 30, 2019
30
Apr'19
A recent history of Facebook security and privacy issues
Since the start of 2018, Facebook has had a seemingly constant cascade of security issues and privacy scandals. Here's a look back at the social media giant's most serious issues.
Web application and API security best practices Get Started
Bring yourself up to speed with our introductory content
-
buffer overflow
A buffer overflow occurs when a program or process attempts to write more data to a fixed-length block of memory, or buffer, than the buffer is allocated to hold. Continue Reading
-
SSL (secure sockets layer)
Secure sockets layer (SSL) is a networking protocol designed for securing connections between web clients and web servers over an insecure network, such as the internet. Continue Reading
-
dictionary attack
A dictionary attack is a method of breaking into a password-protected computer, network or other IT resource by systematically entering every word in a dictionary as a password. Continue Reading
Evaluate Web application and API security best practices Vendors & Products
Weigh the pros and cons of technologies, products and projects you are considering.
-
Cloud-native security benefits and use cases
'Cloud native' has described applications and services for years, but its place in security is less clear. Get insight into cloud-native security from expert Dave Shackleford. Continue Reading
-
Risk-based vulnerability management tools in the cloud
As enterprises increasingly rely on cloud services, a risk-based vulnerability management approach can provide the best protection against cybersecurity threats. Continue Reading
-
Bot management drives ethical data use, curbs image scraping
Bot management tools can help enterprises combat bad bots, prevent web and image scraping, and ensure ethical data use -- all while maintaining a positive end-user experience. Continue Reading
Manage Web application and API security best practices
Learn to apply best practices and optimize your operations.
-
5 bad practices that lead to insecure APIs in cloud computing
API security often feels complicated. However, your IT team will go a long way in securing its services if it avoids these common pitfalls in API design and implementation. Continue Reading
-
SSL certificate best practices for 2020 and beyond
SSL/TLS security is continuously improving, and there are steps site owners should take to ensure the safety of their SSL certificates, websites and users. Read on to learn more. Continue Reading
-
Best practices for threat modeling service mesh, microservices
In microservices and service mesh environments, communications don't follow static paths. As such, security teams must update their application threat modeling methods. Continue Reading
Problem Solve Web application and API security best practices Issues
We’ve gathered up expert advice and tips from professionals like you so that the answers you need are always available.
-
How to prevent software piracy
Pirated software is still a major concern nowadays. Uncover how to prevent software piracy and protect your organization's intellectual property. Continue Reading
-
What is bloatware? How to identify and remove it
Unwanted pre-installed software -- also known as bloatware -- has long posed security threats for computers and other devices. Here are strategies for how to detect bloatware and uninstall the potential threat. Continue Reading
-
How to mitigate an HTTP request smuggling vulnerability
Exploiting an HTTP request smuggling vulnerability can result in the inadvertent execution of unauthorized HTTP requests. Learn how to defend web environments from this attack. Continue Reading