Category

API Security

Category
WallarmAPI Security
In API Security

Bolstering API Security: Introducing Wallarm’s API Attack Surface Management (AASM)

2 Mins Read

In the fast-paced digital world, think of Application Programming Interfaces (APIs) as the threads that stitch together the fabric of our tech ecosystems. They’re often overlooked, quietly ensuring that your apps communicate seamlessly and keep the digital world running smoothly. The majority of organizations grapple with a common challenge — limited visibility into their public API attack surfaces. And here’s the twist; with all that potential for new innovative products and services via API’s, they…

Read More
In API Security

Wallarm to Unveil New API Security Solution and Strategic Shift at Black Hat Europe 2023

2 Mins Read

If you’re involved with cybersecurity and are based in Europe, then Black Hat Europe 2023 in London, December 6 and 7 is a must-attend event. Wallarm, the experts in API and Application Security, will be attending the event, and we’re excited to connect with you.  If you are planning to attend, come by our booth or feel free to schedule a slot to meet with our API and App Security experts.    In the rapidly evolving…

Read More
In API Security

Unpacking the Zimbra Cross-Site Scripting Vulnerability (CVE-2023-37580)

2 Mins Read

Insights and Protections On November 16, 2023, a significant security concern was published by Google’s Threat Analysis Group (TAG). They revealed an alarming vulnerability in Zimbra Collaboration, a widely-used email hosting tool for organizations. This vulnerability, designated with an identifier, CVE-2023-37580, is a glaring example of a reflected cross-site scripting (XSS) issue. It allows malicious scripts to be injected into unsuspecting users’ browsers through a deceptively simple method: clicking on a harmful link. Campaigns Exploiting…

Read More
In API Security

Improper Authorization in Confluence Data Center and Server (CVE-2023-22518)

2 Mins Read

In early November, the cybersecurity community witnessed the exploitation of a zero-day vulnerability in Confluence Data Center and Server. This critical vulnerability was related to Improper Authorization and assigned CVE-2023-22518 identifier. In this blog, we delve into the details of these vulnerabilities, their implications, and the necessary mitigation steps to protect your digital assets. The CVE-2023-22518 vulnerability targeted all versions of the on-premises Confluence Data Center. This “Improper Authorization” vulnerability flaw allowed an unauthenticated attacker…

Read More
In API Security

Navigating Threats – Insights from the Wallarm API ThreatStats™ Report Q3’2023

2 Mins Read

The world of digital technology is perpetually evolving, positioning cybersecurity as a frontline defense in safeguarding essential digital assets. A primary challenge in this sector, accentuated by the Wallarm API ThreatStats™ report Q3’2023, is ensuring robust API security. This in-depth report emphasizes the urgent need for immediate, strategic actions from business leaders and cybersecurity practitioners alike to combat the sophisticated emerging threats. Overview 239 API vulnerabilities in Q3’2023 33% of vulnerabilities linked to AAA issues…

Read More
In API Security

Testing with OpenAPI Specifications

3 Mins Read

The 2023 SANS Survey on API Security (Jun-2023) found that less than 50 percent of respondents have API security testing tools in place. Even fewer (29 percent) have API discovery tools. Wallarm delivers both these capabilities via our single, integrated App and API Security platform. Wallarm has long offered the ability to generate OpenAPI Specifications (aka Swagger) based on actual traffic across your endpoints. This allows you to: Enumerate all your managed and unmanaged APIs…

Read More