API Developer Training

How APIs Can Block Suspicious Web Visitors Based on IP Address
API University Ipdata.co

We don't want to allow signups from VPNs or proxies. Visitors using a VPN or TOR, which hides their real location and identity, might be trying to perform malicious activity on your site. So how can we block these users? This article shows how the ipdata threat API can help you do this.

How-To

Jonathan Kosgei

Security, Validation

05-04-2020

Is the API in Your App a Trojan Horse?
API University

Attackers know that API calls originating from inside an app are a blueprint for the infrastructure inside your data center. Further, they can use those same API calls to hide their malicious purposes, like a Trojan horse ready to slip through the front door. Apps are the new emerging threat vector.

Analysis

Aaron Lint

Security, API Design

11-29-2018

How to Build a Secure API Strategy for the API Economy
API University

APIs, via B2B partnerships and B2C applications, can increase a company’s reach and make digital assets and services available to broader audiences. There are dangers posed by the adoption of insecure APIs in the enterprise. Hence, businesses need a strategy for building and operating secure APIs.

Analysis

Setu Kulkarni

Security, API Strategy

10-25-2018

Panera Bread Shows How Not to Respond to Data Vulnerability
API University

All companies have an obligation to protect user data as best as they can in accordance with their respective terms of services. When data is compromised, those companies should react quickly to fix it. Panera Bread offers a case study in the wrong way to respond to a vulnerability.

Case Study

Wendell Santos

Security, Developer Relations

04-16-2018

ProgrammableWeb's Most Interesting APIs in 2017: Security and Privacy
API University Wallarm Castle
More Related
Density
VirusTotal Private
Bark
Authentimate Recover Password Recovery
BackgroundCheck
ThreatConnect
Yoti
Cisco Umbrella Investigate
Sqreen
Apozy
Dark Gray Engines Address Intelligence
Dark Gray Engines IP Reputation
Dark Gray Engines Credit Card Fraud Risk
NSnitch
Digify
Active Intrusion Detection
Twizo
nanoSDK One-Time Password
Swift Email Verifier
Alexa Skill Management
Prifender PAPI

This article is part of a multi-part series about interesting APIs that were added to our directory during 2017. Security and Privacy APIs are covered in this segment. The APIs were chosen by our researchers, by popularity according to website traffic, and by mentions on social media.

Brief

Joy Culbertson

Security, Authentication, Authorization

01-01-2018

Build a DIY Security Camera With the Twilio API and Raspberry Pi
API University Twilio

The connected camera category has seen much growth since 2014. In this tutorial, we reproduce the basic functionality of a camera like the Nest Cam but with the unique property of being cellular connected. We will use a Twilio Programmable Wireless starter pack and Raspberry Pi to do this.

How-To

Evan Cummack

Security, Cameras, Hardware

10-27-2017

Understanding API Connectivity to Resolve App DDoS Attacks
API University

Cloud-based apps rely on an increasingly diverse set of underlying services, tied together through APIs - and hackers have taken notice. To resolve attacks and outages affecting APIs it is critical to understand and test the performance of the service delivery of application components.

Analysis

Nick Kephart

Security, DevOps, Monitoring

10-13-2017

Understanding What it Takes to Secure Your API
API University

At this point in your API journey, you have made a number of business decisions and a couple of technical ones. Now, several crucial decisions need to be made around security. Securing an API is an often neglected task, yet doing so is at the heart of an effective API strategy.

Analysis

Mark Boyd

Security, API Design, API Education

09-27-2017

How Starbucks Secures Their API, and How One Developer Cracked It
API University

From Slack integrations to coffee buttons, if Starbucks were to open up their API to the public, there are a ton of integrations that third-party developers could create. Tendigi CTO Nick Lee over at the Tendigi blog couldn’t wait so he reverse-engineered the Starbucks mobile app.

On the Web

Seamus Holland

Security

09-11-2017

Why You Should Use Access Tokens to Secure an API
API University

Too many people don’t know the difference between OpenID Connect and the OAuth 2.0 specifications. This results in devs publishing insecure apps because they’re using an ID token to secure the API where they should be using an access token. This article helps explain to you the difference.

On the Web

Seamus Holland

Security, API Design

06-11-2017

For Developers