Pynt's Blog

Choose topic
Shift Left
API Security
API Era
LLM Security
OWASP Top Ten
Thank you! Your submission has been received!
Oops! Something went wrong while submitting the form.
Shift Left
clock icon
5
min read

We Surveyed 250 Security Professionals About Shift Left. Most Can't Make It Work

Shift Left Paradox

Tzvika Shneider
September 15, 2025
clock icon
5
min read
A developer and robot take a Pynt together
Shift Left
clock icon
4
min read

Pynt Advantages: Why It Beats Burp and Zap for API Security Testing

API Security Testing Benchmark

Ofer Hakimi
March 20, 2023
clock icon
4
min read
A funny man is running to the left, his friend asks him to come back to the right
Shift Left
clock icon
4
min read

Why Avoiding the Shift Left for API Security is Like Wearing Your Underwear Backwards

A Funny Look at a Serious Issue

Ofer Hakimi
March 6, 2023
clock icon
4
min read
A developer is getting tired
Shift Left
clock icon
5
min read

Why Developers and Security Tools Just Don't Click

A Hilarious Look at the Disconnect

Ofer Hakimi
March 13, 2023
clock icon
5
min read
Pynt and Postman Native Integration
API Security
clock icon
4
min read

From Friction to Flow: Embedding API Security Where It Works

Our Journey with Postman

Tzvika Shneider
July 8, 2025
clock icon
4
min read
api-visibility-and-control-challenges
API Security
clock icon
7
min read

API Visibility and Control Challenges: Bridging the Gaps in AppSec

AppSec API Nightmare

Ofer Hakimi
September 14, 2023
clock icon
7
min read
Top API Security Vulnerabilities
API Security
clock icon
4
min read

Unveiling the Top API Security Vulnerabilities

Why Thorough Assessment Matters

Tzvika Shneider
September 5, 2023
clock icon
4
min read
A malicious actor uses the API to penetrate the personal info
API Security
clock icon
3
min read

How API Security became the Biggest Security Challenge in 2023

APIs - significant attack surface

Tzvika Shneider
February 6, 2023
clock icon
3
min read
An attacker gets access to personal information of many users
API Security
clock icon
4
min read

API Security Incidents in 2022: A Look Back

Examining Notable Breaches

Tzvika Shneider
January 30, 2023
clock icon
4
min read
Someone looks at the code to detect bugs
API Security
clock icon
4
min read

API Tests: Functionality vs Security - Spot the Difference!

Fighting Bugs vs. Keeping Hackers Out

Ofer Hakimi
February 13, 2023
clock icon
4
min read
A fireman in action
API Security
clock icon
5
min read

Why Traditional Security Tools Can't Solve the API Security Problem

API Security - Unique Tech Challenge

Ofer Hakimi
February 20, 2023
clock icon
5
min read
The secret to hacking is context - Pynt
API Era
clock icon
5
min read

The Secret to Hacking is Context

Context is the secret.

Ofer Hakimi
Ofer Hakimi
November 10, 2025
clock icon
5
min read
MCP misconceptions: Pynt API Security
API Era
clock icon
6
min read

Demystifying MCP (Model Context Protocol): 3 Common Misconceptions

Demystifying MCPs: 3 Common Misconceptio

Golan Yosef
Golan Yosef
April 16, 2025
clock icon
6
min read
The API wheels
API Era
clock icon
3
min read

Understanding the Different Use Cases of APIs

Why APIs Are Needed in Modern Business?

Tzvika Shneider
Tzvika Shneider
January 16, 2023
clock icon
3
min read
API bridges between services
API Era
clock icon
5
min read

10 Amazing Facts About the API Revolution

The Rise of APIs

Tzvika Shneider
Tzvika Shneider
January 2, 2023
clock icon
5
min read
LLM API risks
LLM Security
clock icon
5
min read

The Next Big Thing in AppSec: LLM Discovery and Security Testing

Why every AppSec leader must prepare

Ofer Hakimi
Ofer Hakimi
November 3, 2025
clock icon
5
min read
The Hidden Trade-Off of GenAI: Rewriting the Rules of Development
LLM Security
clock icon
4
min read

The Hidden Trade-Off of GenAI: Rewriting the Rules of Development

Developers have never moved faster.

Tzvika Shneider
Tzvika Shneider
October 27, 2025
clock icon
4
min read
LLM Security
clock icon
5
min read

Survey of 250 Orgs: 98% Adopting LLMs Into Apps, While 24% Still Onboard Security Tools

AI security lag: Speed vs. safety

Golan Yosef
Golan Yosef
October 27, 2025
clock icon
5
min read
LLM Security
clock icon
3
min read

The State of MCP Security

High-risk exploits lurk in MCP AI agents

Golan Yosef
Golan Yosef
August 13, 2025
clock icon
3
min read
MCP security
LLM Security
clock icon
7
min read

Code Execution Through Email: How I Used Claude to Hack Itself

You don’t always need a vulnerable app,

Golan Yosef
Golan Yosef
July 16, 2025
clock icon
7
min read
Large Language Models: Unlocking Exciting Capabilities while Addressing New Security Concerns
LLM Security
clock icon
3
min read

Large Language Models: Unlocking Exciting Capabilities while Addressing New Security Concerns

LLM Security Challenges Becoming Real

Golan Yosef
Golan Yosef
June 5, 2023
clock icon
3
min read
The battle for sufficient Logging and Monitoring
OWASP Top Ten
clock icon
5
min read

The Matrix Chronicles: API Security and the battle for sufficient Logging and Monitoring

Unplugged from Reality: API-log-alypse

Ofer Hakimi
Ofer Hakimi
May 23, 2023
clock icon
5
min read
The perils of improper asset Management
OWASP Top Ten
clock icon
4
min read

The Game of (Improper) Asset Management: Protecting Your APIs from the Seven Kingdoms of Vulnerabilities

The perils of improper asset Management

Ofer Hakimi
Ofer Hakimi
May 16, 2023
clock icon
4
min read
Don't get your memory erased
OWASP Top Ten
clock icon
5
min read

Recall the Risks: Protecting Against Injection Attacks in Your APIs

Don't get your memory erased

Ofer Hakimi
Ofer Hakimi
May 9, 2023
clock icon
5
min read
Mr. Bean's Guide to Avoiding Security Misconfigurations in APIs
OWASP Top Ten
clock icon
5
min read

Mr. Bean's Guide to Avoiding Security Misconfigurations in APIs

API related misconfigurations pitfalls

Ofer Hakimi
Ofer Hakimi
May 1, 2023
clock icon
5
min read
Mass Assignment Iceberg
OWASP Top Ten
clock icon
5
min read

Mass Assignment: The Iceberg that Sinks Your API's Security

The Danger in Blind Objectification

Ofer Hakimi
Ofer Hakimi
April 25, 2023
clock icon
5
min read
Saving the API World from Broken Function-Level Authorization
OWASP Top Ten
clock icon
4
min read

Saving the API World from Broken Function-Level Authorization - An Action-Packed Adventure

BFLA - Not the Sweetest Deal

Ofer Hakimi
Ofer Hakimi
April 17, 2023
clock icon
4
min read
API Wars - The Battle Against Lack of Resources and Rate Limiting
OWASP Top Ten
clock icon
6
min read

API Wars: The Battle Against Lack of Resources and Rate Limiting

Managing the API Galaxy: A Must-Have

Ofer Hakimi
Ofer Hakimi
April 10, 2023
clock icon
6
min read
Excessive Data Exposure Nightmare
OWASP Top Ten
clock icon
4
min read

The Horror of Excessive Data Exposure

The Danger Lurking in Your APIs

Ofer Hakimi
Ofer Hakimi
April 3, 2023
clock icon
4
min read
Dont Let Broken Authentication Get The Drop On Ya
OWASP Top Ten
clock icon
5
min read

Broken Authentication: A Guide to Keeping Your APIs Safe

Western guide to broken authentication

Ofer Hakimi
Ofer Hakimi
March 27, 2023
clock icon
5
min read
a funny Bollywood-style action cartoon hero breaking through a wall of source code
OWASP Top Ten
clock icon
5
min read

A Desi-Inspired Journey Through Broken Object-Level Authorization (BOLA)

The Bollywood Guide to BOLA

Ofer Hakimi
Ofer Hakimi
March 23, 2023
clock icon
5
min read
OWASP top 10
OWASP Top Ten
clock icon
5
min read

Understanding OWASP-10 for API Security

Simple Examples to Keep Your APIs Safe

Ofer Hakimi
Ofer Hakimi
February 26, 2023
clock icon
5
min read