Blog

min read

Ofer Hakimi

September 14, 2023

API Visibility and Control Challenges: Bridging the Gaps in AppSec

AppSec API Nightmare

Unveiling the Top API Security Vulnerabilities

Why Thorough Assessment Matters

Large Language Models: Unlocking Exciting Capabilities while Addressing New Security Concerns

LLM Security Challenges Becoming Real

The Matrix Chronicles: API Security and the battle for sufficient Logging and Monitoring

Unplugged from Reality: API-log-alypse

The Game of (Improper) Asset Management: Protecting Your APIs from the Seven Kingdoms of Vulnerabilities

The perils of improper asset Management

Recall the Risks: Protecting Against Injection Attacks in Your APIs

Don't get your memory erased

Mr. Bean's Guide to Avoiding Security Misconfigurations in APIs

API related misconfigurations pitfalls

Mass Assignment: The Iceberg that Sinks Your API's Security

The Danger in Blind Objectification

Saving the API World from Broken Function-Level Authorization - An Action-Packed Adventure

BFLA - Not the Sweetest Deal

API Wars: The Battle Against Lack of Resources and Rate Limiting

Managing the API Galaxy: A Must-Have

The Horror of Excessive Data Exposure

The Danger Lurking in Your APIs

Howdy, Partner! Don't Let Broken Authentication Get the Drop on Ya!

Western guide to broken authentication

Testing Daily (AKA Sanjay Times) - The Leading Arena for API Testing and More!

Stay updated on testing trends

BOLAlywood: A Desi-Inspired Journey Through Broken Object-Level Authorization

The Bollywood Guide to BOLA

Pynt Advantages: Why It Beats Burp and Zap for API Security Testing

API Security Testing Benchmark

Why Developers and Security Tools Just Don't Click

A Hilarious Look at the Disconnect

Why Avoiding the Shift Left for API Security is Like Wearing Your Underwear Backwards

A Funny Look at a Serious Issue

Understanding OWASP-10 for API Security

Simple Examples to Keep Your APIs Safe

Why Traditional Security Tools Can't Solve the API Security Problem

API Security - Unique Tech Challenge

API Tests: Functionality vs Security - Spot the Difference!

Fighting Bugs vs. Keeping Hackers Out

How API Security became the Biggest Security Challenge in 2023

APIs - significant attack surface

API Security Incidents in 2022: A Look Back

Examining Notable Breaches

Understanding the Different Use Cases of APIs

Why APIs Are Needed in Modern Business?

10 Amazing Facts About the API Revolution

The Rise of APIs

Understanding the Different Use Cases of APIs

Why APIs Are Needed in Modern Business?

min read

API Era

10 Amazing Facts About the API Revolution

The Rise of APIs

API Visibility and Control Challenges: Bridging the Gaps in AppSec

AppSec API Nightmare

min read

API Security

Unveiling the Top API Security Vulnerabilities

Why Thorough Assessment Matters

Large Language Models: Unlocking Exciting Capabilities while Addressing New Security Concerns

LLM Security Challenges Becoming Real

The Matrix Chronicles: API Security and the battle for sufficient Logging and Monitoring

Unplugged from Reality: API-log-alypse

The Game of (Improper) Asset Management: Protecting Your APIs from the Seven Kingdoms of Vulnerabilities

The perils of improper asset Management

Recall the Risks: Protecting Against Injection Attacks in Your APIs

Don't get your memory erased

Mr. Bean's Guide to Avoiding Security Misconfigurations in APIs

API related misconfigurations pitfalls

Testing Daily (AKA Sanjay Times) - The Leading Arena for API Testing and More!

Stay updated on testing trends

min read

Shift Left

Pynt Advantages: Why It Beats Burp and Zap for API Security Testing

API Security Testing Benchmark

Why Developers and Security Tools Just Don't Click

A Hilarious Look at the Disconnect

Why Avoiding the Shift Left for API Security is Like Wearing Your Underwear Backwards

A Funny Look at a Serious Issue

Ofer Hakimi

March 6, 2023

min read