The Latest News On The API Economy
Searching: No Search Term , Filtered By Category: "Security"
Eighteen APIs have been added to the ProgrammableWeb directory in categories such as Security, News Services, and Payments. Featured today is an API from UtilityScore, a service that provides a score for projected utility costs to interested home buyers. Here's a rundown of the latest additions.
This article is part of a 10-part series about interesting APIs that were added to our directory during 2016. Security and Privacy APIs are covered in this segment. The APIs were chosen by our researchers, by popularity according to website traffic, and by mentions on social media.
Developers commonly generate unique API keys for clients. But how long does an API key need to be to make the chances of a collision smaller than the chance that your computer might be struck by lightning? Fewer than you’d think, argues Sam Corcos, co-founder of SightMaps over at LearnPhoenix.io.
The Node.js Foundation, a community-led consortium to advance the development of Node.js, today announced that the Node.js Security Project will become a part of the Node.js Foundation. The Node.js Security Project will provide a process for discovering and disclosing security vulnerabilities.
Mastercard, a company that once warned that the risks of digital currency outweigh the benefits, has released two new blockchain APIs to promote collaboration and innovation in the digital exchange of value. Through its Mastercard Labs arm, Mastercard has indicated the API release is just the start.
YouMail launched its Spam Risk API. YouMail uses algorithms to analyze a database of hundreds of millions of phone numbers to determine the likelihood a particular phone number is spam. Historical call patterns and crowdsourced data are combined to determine an OK, caution, or danger designation.
Whether you're rolling your own soup to nuts API management solution, or your existing API management technology is missing some of the basics when it comes to API endpoint security, Cloudflare's recently released Traffic Control may have the right combination of features to fill in the gaps.
Ho-hum. Over 500 million user accounts at Yahoo! were breached. Who cares, right? You don't even have a Yahoo! account! It doesn't affect you. Right? Think again. If history tells us anything, the breach of the Yahoo! database means more attacks, perhaps against your systems, are on the way.
BeyondTrust announced a free API to call user credentials from BeyondTrust's PowerBroker Password Safe. API access to credentials eliminates the need for an individual user to enter username and password, and instead provides streamlined authentication directly within an integrated app.
High-Tech Bridge has announced a new release of its free SSL security testing service that companies and organizations can use to test their Web, email, VPN and other SSL/TLS-based services. The new release tests for known vulnerabilities in SSL/TLS implementations and in encryption protocols.
Box has introduced new security and governance APIs that organizations can use to incorporate content governance and compliance capabilities into applications and workflows. The new Box APIs includes a Retention Policy API, Legal Hold Policy API, Watermarking API, and Folder Metadata API.
HTTPS adoption among the world’s top half million sites doubled this year, achieving in one year what hadn’t been managed in 20 years’ since HTTPS’ introduction. Adoption went from 5.5% in August last year to 12.4% by the end of July, according to data from HTTP Archive.
Yelp spent two years developing a bug-bounty program with Hackerone, which led to over 100 resolved reports. Now, Yelp is taking the program to the broader public to engage a wider set of security researchers. The program offers bounties starting at $100 and can pay up to $15,000.
Bluetooth beacons offer a range of uses for sending radio signals over the air to connected smartphone applications. In this tutorial, developer Kuba Gretzky explains how he bypassed the beacons in restaurants to collect authorisation keys and earn himself free beer on a points-based app.
Pokémon GO has been hugely popular and generated millions of sessions around the world as people search for the digital creatures. But, it turns out that a fair chunk of recent API traffic has been coming from gaming bots that are making spatial queries to the API from outside of the game client.
Box APIs support everything from the way that Box and Office365 integrate seamlessly, to the 1,600 third-party applications in our app store. This API-first strategy has been incredibly successful, to the point where more than half of our monthly API calls come from third-party integrations.
Apple has announced that the company plans on launching its first-ever bug bounty program in September. The program will initially be invite only and the company will pay up to $200,000 USD to researchers who discover and report iOS and iCloud bugs and security vulnerabilities.
Dashlane and Google want to simplify security and authentication on Android devices and have an API to do it. App developers can use the new Open YOLO API to access the credentials stored in password managers to log users into apps and services. The idea here is to improve security.
Pokémon Go has become a runaway hit and many developers are showing their enthusiasm for the game by reverse engineering the private, internal Pokémon Go API and creating unofficial third-party apps. The current situation of the Pokémon Go API exemplifies mobile API security concerns.
The rise of fintech was more like an explosion – thousands of new apps suddenly sprung onto the market and fundamentally changed how we interact with our finances and the financial institutions we put in charge of them. While there’s never been a question about whether fintech requires