In his 3rd blog on mitigating against the OWASP Top Ten, Bala discusses how proper security logging and monitoring is key to every enterprise’s security-in-depth approach. It’s time to take a fresh look at your process and make sure you are capturing and monitoring the most important transactions of your business.
In his latest blog, Bill takes a look at the evolution to multi-cloud, and the benefits and risks of adopting a multi-cloud API management strategy.
In part two of this series on the updated OWASP Top Ten API Security risks, Bala examines three more of the Top Ten: Unrestricted Resource Consumption, Unrestricted Access to Sensitive Business Flows and Security Misconfiguration.
In his latest blog, Francois takes a look at the API security best practice of sender-constraints and how to apply it to improve your overall security posture.
In this first piece of our three-part series, we’ll examine the top three risks on the 2023 list: Broken Object Level Authorization, Broken Authentication and Broken Object Property Level Authorization.
In his latest blog, Bala discusses the fundamentals of API security and what to look for with your API security provider.
Many enterprises are unaware that their current infrastructure can work with OpenTelemetry. OpenTelemetry is the new cloud-native standard for application observability. This article is the first of a three-part series that explores the technology’s business benefits and advantages.
This latest article in a series discusses the additional security issues that arise when using mTLS, and how to mitigate those issues by combining mTLS with OAuth.
This article discusses adoption challenges with OAuth mTLS, steps one can take to mitigate those challenges.
At the API Academy Workshop done in conjunction with Apidays NYC 2022, Gary discusses emerging gateway patterns and how to prepare for them.