Akamai Technologies has agreed to purchase a finalist in last year's RSA Conference Innovation Sandbox Contest to get more visibility into the API threat landscape. Silicon Valley-based Neosec will help customers discover all their APIs, assess their risk and respond to vulnerabilities and attacks.
Hackers have seized on the API revolution to drive a surge in attacks that exploit poorly coded applications, reports Akamai, in a warning echoed by other cybersecurity experts. The vector driving the most growth in API attacks is local file inclusion.
Snyk has executed its third round of layoffs since June 2022, axing 128 workers amid projections of challenging market conditions persisting into early 2024. The Boston-based application security vendor revealed Thursday plans to reduce its more than 1,200-person staff by an estimated 11%.
As field CTO, EMEA for Noname Security, Filip Verloy spends lots of time talking with customers and analysts about API security. Two common themes: Few organizations know the number and types of APIs in their enterprise, and fewer understand exactly how data is being exchanged among them.
Not only does VMRay detonate a multitude of file types, but URLs as well, so that phishing attempts are identified and can be prevented. The Automated user simulation (known as Auto UI), which is built-in to Web Analysis, ensures a comprehensive detonation, and results in detailed reports analyzing all aspects of a...
The scary fact is that human error is a contributing factor in more than 90% of breaches, and even the world’s most successful organizations have significant weaknesses in their cybersecurity defenses. With so many technical controls in place hackers are still getting through to your end users, making them your last...
Hackers have used a modular toolkit called "AlienFox" to compromise email and web hosting services at 18 companies. Distributed mainly by Telegram, the toolkit scripts are readily available in open sources such as GitHub, leading to constant adaptation and variation in the wild.
Recent high-profile breaches resulting from API attacks are "just the tip of the iceberg," said Gartner analyst Dionisio Zumerle. "What we have is a new way of exchanging information which is increasingly popular, and almost no organization has the recipe to secure that new way of communicating."
APIs are pivotal to digital business yet are inherently more difficult to secure as compared to legacy architectures with more predictable use cases, such as custom three-tier web stacks in the data center. APIs facilitate a decentralized and distributed architecture with endless opportunities for third-party...
In the 21-month stretch from October 2020 to June 2022, a whopping 48 cybersecurity startups received 10-figure valuations as investors evaluated prospects on potential rather than performance. Now that the financial boom has gone bust, what happens to these unicorns from a different economic era?
In the latest weekly update, John Kindervag, creator of zero trust and senior vice president of cybersecurity strategy at ON2IT, joins ISMG editors to discuss the top zero trust storylines of the year, the impact of ChatGPT on the cybersecurity industry and how to tackle MFA bypass attacks.
The adoption of new technologies, multi-cloud architectures and multiple data storage sites has resulted in data residing in more places than ever before. That's why enterprises need a single pane of glass to know who's touching their data and why, says Imperva CEO Pam Murphy.
Threats from API and application vulnerabilities increased in 2022, but ransomware, human error and hygiene continue to pose the greatest threats to organizations, according to findings from CyberTheory's 2022 Performance Study. CyberTheory's Steve King shares how education can make a difference.
Banking Trojans, ransomware, fake finance apps programmed to steal data - the cybercriminal cartels have become more punitive in 2023, escalating destructive attacks on financial institutions. This is just one key finding of the annual Cyber Bank Heists report by Contrast Security's Tom Kellermann.
Cybercriminals found a way to circumvent OpenAI's prohibition on using its natural language artificial intelligence model for malicious purposes, say researchers who already spotted low-level hackers using the firm's ChatGPT chatbot for a machine-learning assist in creating malicious scripts.