September 19, 2016 New Google API Will Securely Verify Chrome Devices 2 min read - The new Google API allows a network service to obtain a hardware-backed cryptographic guarantee of the identities of a device and the user accessing it.
Threat Intelligence August 1, 2016 Re-examining the IBM X-Force Exchange API 6 min read - The X-Force Exchange API has undergone two significant changes since it went public in April 2015: Anonymous access disappeared and rate limits appeared.
Threat Intelligence June 14, 2016 Threat Intelligence Currency in the API Economy 3 min read - Threat intelligence is a critical source of information that can enrich most security products and defensive strategies.
Identity & Access March 3, 2016 About OAuth Use for API Authorization 3 min read - OAuth is an authorization and authentication protocol using APIs to enable a third-party website or application to access a user's data.
Application Security February 3, 2016 Leverage White-Box Cryptography and Tamper Resistance to Advance API Protection 5 min read - Learn about the security risks associated with server APIs and techniques you can use to comprehensively mitigate these API-related risks.
Application Security October 7, 2015 Microservices Are Powerful, but Pose New Security Challenges 2 min read - Microservices offer speed and flexibility for applications, but they also expose users and developers to a larger attack surface.
X-Force July 17, 2015 A Gentle Introduction to the X-Force Exchange API 10 min read - The X-Force Exchange API offers a host of capabilities that can increase threat intelligence and information sharing among users.
Application Security July 2, 2015 Does NoSQL Equal No Injection? 3 min read - NoSQL data storage systems have become popular due to their scalability and flexibility. This blog addresses some possible risks of the databases.
March 27, 2015 Instagram API Bug: Picture Imperfect? 2 min read - Security researcher David Sopas of WebSegura claims there is a potentially massive hole in the Instagram API. Instagram has not yet made moves for a fix.
Intelligence & Analytics March 16, 2015 QRadar’s New Audit and Security Incident Event Monitoring for OpenStack 3 min read - Consistent and standard audit records enable the use of tools like QRadar that can process audit records and work at every layer of a cloud infrastructure.