The Cequence Security Blog – Top 5 Posts of 2020

November 25, 2020 | by Matt Keil

As we transition into the last month of 2020, it’s time for my team and I to look back over what we covered this year in the blog and start giving some thought to 2021’s editorial calendar. I know that I definitely have favorite content pieces, but there is something probably even more interesting to you.

What blog content is the security community most interested in recently?

Below is a list of the top five posts published by Cequence Security since January 2020.

API Security Need-to-Know: Ramifications of Weak API Authentication

Until May 2020, an API vulnerability existed in ZIPNet, an online application used by Indian law enforcement. It allowed malicious actors to create or modify criminal records without authenticating. Based on the publicly available information, this security incident was a direct result of poorly implemented API authentication and access control, a common challenge in enterprises today. Read the Full Post

Ground Hog

When APIs Say Too Much

As developers use APIs to build platforms that allow for more rapid feature releases, an equal amount of emphasis must be placed on ensuring users can utilize the application safely and securely. In the case of this discovered Kasa camera security vulnerability, verbose error messages introduced a risk to consumers. Read the Full Post

Aite Group Research Validates API Security Gaps

The API Security Best Practices Research Report published by Joe Krull from the Aite Group validates security gaps in protecting APIs. Additionally, it makes recommendations that will benefit any organization moving towards an API-centric development methodology. Read the Full Post

Tales from the Front Lines: Attackers on Lockdown Focus on APIs

As the pandemic rolled into early summer Cequence Security customers battled an increase in bot activity. In one case, the lion’s share of the attack traffic, 15 million events, was aimed at one particular login API endpoint for an android application. Read the Full Post

Announcing Cequence API Sentinel

In June, Cequence introduced API Sentinel, a new API security service designed to give you continuous run-time visibility, shadow API discovery, risk analysis, and conformance assessment for all your APIs hosted on-premises and in public clouds. Read the Full Post

What to expect in 2021?

The top posts share a common thread, API Security. And, as we continue into 2021, we fully expect it to remain one of the biggest challenges faced by both our customers and security teams everywhere.

Cequence is committed to helping organizations eliminate security gaps by rapidly discovering APIs and protecting them from automated attacks and vulnerability exploits with a consistent security policy.

Is protecting APIs on your radar for 2021? Request a demo to see Cequence Security in action.

Matt Keil

Author

Matt Keil

Director of Product Marketing

Additional Resources