The latest news on the API economy
Searching: No Search Term , Filtered By Category: "Tools", Category: "Captcha", Category: "Security"
API tooling platform Restlet has today launched a new version of DHC by Restlet, an API testing tool that functions from within the Chrome web browser. DHC helps API developer consumers to test API requests through a visual interface and can help API providers to build a quality user experience.
As part of their bi-annual State of Software Security (SOSS) Report, Veracode released the findings of the Fall 2015 publication. Drawing on more than a trillion lines of code, the report shows that some programming languages and platforms suffer from more security risks than others.
Cloudinary has added responsive image breakpoints technology to its API. The functionality allows users to automatically select image size in a responsive website environment across devices with disparate screen sizes. Additionally, Cloudinary launched a web-based tool with the same functionality.
Lockr, a new key management service for content management systems is now available for Drupal and WordPress. Lockr provides an off-site, hosted key management service that can help secure Drupal and WordPress powered websites as well as meet PCI DSS, HIPAA and other security requirements.
Google has long fielded complaints of sign-in requirements associated with Google Play Games. The Google+ requirement and multiple sign-ins required for multiple games has been a hotbed of frustration. Google announced the end of both requirements as part of a Google Play Games API model change.
If your app uses OAuth as a means of authentication, you are likely storing users' OAuth tokens in a database. To maintain the secrecy of these tokens, you can use encryption both in transit and at rest. This article shows how SecureDB can encrypt OAuth tokens in a matter of minutes.
Atlassian released three features to Bitbucket in hopes to speed up development in a distributed team environment. Smart Mirroring, Git LFS, and Projects were all designed for growing development teams that quickly consume resources and aggregate data that become overwhelming for legacy systems.
Application delivery platform provider, NGINX, announced release 8 of NGINX Plus. Among the many new features with R8 comes the OAuth Technology Preview, full HTTP/2 support, an on-the-fly reconfiguration API, and improved cache for large video files. Demo apps and live webinars are planned.
A cornerstone feature of any Web application is the login page. This article take you step by step through the process of adding phone number powered second factor authentication (2FA) to a Web application by taking advantage of Nexmo's Verify API. This tutorial requires knowledge of PHP.
Pusher has announced an enhanced "Sandbox" plan to its tiered pricing program. The original Sandbox version permitted 20 concurrent connections, and 100,000 messages per day. Now, the plan allows 100 concurrent connections and 200,000 messages per day. The move is aimed to attract new developers.
Developers are opting for phone verification over email verification as it is effective in reducing spam accounts. Adding phone verification to your app doesn't need to be complex. This tutorial shows how to use Nexmo Verify SDK for iOS in a "To-Do List" application that uses Parse for a backend.
Secret API Keys add a layer of security to APIs and who can access what functions, but a simple flaw in the common implementation in GitHub leaves many API Keys exposed to external developers. This tutorial by Moshe Shaham explains this error, as well as how to leverage it to find API keys.
As more security vulnerabilities in IT software are discovered and exploited by malicious endeavours, Cisco has released its openVuln API that automates the sharing of security vulnerability information in a move aimed at nurturing an open security automation standard across the industry.
Target is on the data breach hot seat again, just two weeks after settling its massive 2013 data breach. This time, an API vulnerability tied to the Target app wishlist functionality led a security firm to easily retrieve personal information from app users. The API requires no authentication.
IBM announced the opening of its zero-knowledge proof platform, Identity Mixer to developers on the Bluemix cloud. The goal of Identity Mixer is to reduce the need for individuals to transmit personal details to online services, instead relying on a “digital membership card”.
Accurate Background enhanced its employee screening API to include international search. The feature arrives after a decade of developing in-country and regional contacts, language skills, and regulatory compliance knowledge. API access to the resources streamlines international background checks.
Runscope provides tools to simplify the management of API testing. The company has fine tuned its service further with the addition of the new import and export functionality, saying that users can now create, modify and version entire suites of API tests even more quickly and easily.
To help developers increase the security of their apps, PayPal has updated its developer portal to include a self-service credential provisioning feature that allows developers to generate their own client-secret pairs, which developers use to authenticate their apps with the PayPal API.