 

Everywhere we look, hackers are successfully breaching enterprise databases and hijacking sensitive data from billions of people around the world. That’s why CISOs and their teams, the individuals tasked with protecting an organization’s information and systems, are always on the lookout for the latest trends, news and insights in the world of cyber security.

Since we do the same, we’ve gone ahead and gathered the resources you need to stay up to date on the topic of API Security. Whether you’re just starting your journey into the world of application security, or are a seasoned industry veteran, there’s something for everyone in the high-value resources presented below, in these 3 different categories:

  • API Security 101

  • Stories from the front line

  • Getting down to business

API Security 101: Get up to speed on the challenges of API security

  • OWASP.org -- Every security professional knows the OWASP Top Ten, but not all are aware that OWASP has a similar list focused exclusively on API security. This should be the first stop on any API security information gathering mission. The nonprofit foundation is focused on improving software security for the greater good. It brings together hundreds of chapters and tens of thousands of members who freely provide important information, news and resources. Their Top Ten list of API security measures is a must-read for any cyber professional. For follow-up reading, feel free to take a look at our guide on the vulnerabilities included on the OWASP API Security Top 10 list and practical tips for security teams who want to lead – and win – the battle to protect their APIs.
  • The article “APIs are becoming a major target for credential stuffing attacks” is a great take on the importance of API security, focusing specifically on how hackers are using APIs to perpetrate automated credential stuffing attacks. By reading it you can also get a better understanding of the security challenges faced by the financial sector. 
  • This insightful opinion piece, “API Security Vulnerabilities: A Crack in the Foundations of Digital Business,” highlights the more prevalent types of API attacks, reviews common best practices for API protection and discusses a few of the more advanced approaches to API security. 
  • Check out “APIs Are the Next Frontier in cybercrime,” a cool piece that transports you into the world of hackers by laying out real-life common API vulnerabilities and describing what you need to do to fix them. 
  • Yes, that's us. Check out our article for further reading on the subject. It is relevant for various reasons, but let’s focus on its two main attributes: it provides a robust overview of the API landscape and, more specifically, its security angle. Its other value is that it contains real-life examples of attacks that you can learn from.

 

Stories from the front line: Understand vulnerabilities and their potential impact on your business and clients


Getting down to business: Gain a deeper understanding of the first steps towards API protection

While this list offers plenty of great resources and reading materials to satisfy even the most demanding CISO, we know that there are plenty of other good materials out there. If you know a high-quality resource or publication that we failed to mention here, please share it with us.


 

It’s time to bullet-proof your APIs from potential attacks