The Latest News On The API Economy
Searching: No Search Term , Filtered By Category: "Security", Category: "Domains", Category: "Hosting"
In 2019, Salt Security launched an API Protection Platform that leverages AI in order to provide API traffic monitoring that detects malicious behavior and prevents attacks before they can happen. Salt is now expanding this platform to include automated OAS analysis and new security analysis.
Peloton, the popular fitness application best known for its virtual cycling classes and exercise bikes, exposed thousands of users’ personal data via a set of improperly secured API endpoints. The company deployed a partial fix after security researchers forwarded the information to media partners.
Eight APIs have been added to the ProgrammableWeb directory in categories including Security, Animation, Automation, and Music. Highlights include an API for retrieving guitar chords, an API for eSignature services, and an API for security asset management. Here's a rundown of the latest additions.
LoginRadius, a provider of access management solutions, has announced a tool designed to help its customers understand their application’s identity management performance. The new LoginRadius Authentication API Analytics tool provides insight on request count, response code, and response time.
The McAfee Advanced Threat Research (ATR) team has recently discovered a vulnerability in a video calling SDK provided by Agora.io that could have allowed attackers to join calls uninvited and unannounced. The vulnerable SDK was in use by various connectivity applications.
Did APIs Play a Role in the Exfiltration of Personal Data From Parler.com After the Riot in Washington, DC?
In the aftermath of the riots in Washington, DC several posts went viral alleging that APIs played a role in the potentially private content including text, images, and video that were exfiltrated from Parler.com. We took a deep dive into these allegations in order to set the record straight.
IPinfo announced the availability of its Privacy Detection API. This API detects methods used to mask a user's true IP address, including VPN detection, proxy detection, tor usage, or a connection via a hosting provider, which could potentially be used to tunnel traffic and mask the true IP address.
Spamhaus Technology Ltd has recently announced the release of its Intelligence API Beta. This is the first time Spamhaus has released its extensive threat intelligence via API, providing enriched data relating to IP addresses exhibiting compromised behavior.
Ekata, a company that provides identity verification APIs that assist in risk assessment, has announced a new API that is designed to combat synthetic identity fraud. The new Ekata Account Opening API helps developers weed out bad actors from authentic customers during the onboarding process.
Cosmos, an interoperable blockchain ecosystem, has increased its incentives for its bug bounty program for the Cosmos Stargate software upgrade. The bug bounty will allow hackers, developers, and the community to trial and debug the upgrades and breaking changes to the Cosmos SDK.
Okta, a company that provides identity solutions for the enterprise industries, has launched a new SDK that is intended to simplify authentication for end-users while also improving device security. The new Okta Devices SDK was announced at the second annual Okta Showcase developer conference.
Cloudflare has announced the release of Cloudflare API Shield. This new product, which is free to all account holders regardless of their pricing plan, is intended to simplify API security via mutual TLS authentication, API schema validation, and a positive security model.
Facebook has recently simplified the company’s platform terms and developer policies in hopes that this will improve adherence to guidelines. To support these goals Facebook has announced the broad rollout of Data Use Checkup, an annual process for developers that validates data usage.
SpyCloud, an account takeover prevention solution provider, has announced its new Password Exposure API. The API allows users to comply with new NIST guidelines that disallow weak, common, and previously exposed passwords. The API helps prevent fraud without adding friction to the user experience.
Standard methods for biometric authentication, think fingerprint scanning and facial recognition, are extremely problematic given the current cultural expectation that masks, and often gloves, be worn throughout the day. UnifyID has launched a new gait-based biometric authentication API to help.
Jumio, a provider of AI-powered identity verification services, has announced a new biometric passport authentication SDK. This new SDK supports NFC reading capability to allow developers to seamlessly integrate photo and touch-based identity verification services into applications.
The Honeynet Project has collaborated in the creation of a new open-source intelligence (OSINT) tool that collates threat information from a multitude of sources. This new resource dubbed Intel Owl provides developers access via API to the resulting threat analysis data.
Datadog, cloud security and monitoring platform, has launched Error Tracking. The new product automatically collects application errors in real-time. Then, it aggregates into action items for engineering teams to respond to. It includes automated collection and visualization tools.
Thirteen APIs have been added to the ProgrammableWeb directory in categories including Security, Restaurants, and Mapping. Featured is an API for turning spreadsheets into APIs, an API for gathering data about social media influencers, and others. Here's a rundown of the latest additions.
Apple recently introduced a new addition to its DeviceCheck services: the App Attest API. The App Attest API generates a cryptographic key on a device that is used to validate the integrity of an app before a server provides sensitive data access. An Apple server is used instead.