The Latest News On The API Economy
Searching: No Search Term , Filtered By Category: "Tools", Category: "Captcha", Category: "Security"
Despite the fact that the costs associated with hacking and data breaches have arguably never been higher, recent API-related security incidents involving large companies, T-Mobile and Accenture, highlight the fact that basic API security best practices are still often not being adhered to.
Google, IBM, along with a number of other technology companies have introduced the Grafeas API, an open source artifact metadata API. Using the Grafeas API, organizations can combine data with other metadata to build a comprehensive model for security and governance at scale.
Cloud-based apps rely on an increasingly diverse set of underlying services, tied together through APIs - and hackers have taken notice. To resolve attacks and outages affecting APIs it is critical to understand and test the performance of the service delivery of application components.
Graphcool has extended its API via a new function: resolver. The resolver function extends the Grapcool API to 3rd party APIs and microservices. Graphcool pitches the function as one of its most powerful tools and expects it to simply integration with authentication services and third party APIs.
In order for APIs to deliver on a myriad of benefits and objectives, organizations must design them with scale in mind. However, the need to build high-performing APIs that scale with the business ecosystem is pressuring many development teams to build APIs that may be restricting business growth.
Flashpoint announced the fourth version of its business risk intelligence API. The latest feature added to the API is Risk Intelligence Observables (RIOs), which the company contends move beyond traditional security indicators. A number of Flashpoint partners have already utilized v4.
At this point in your API journey, you have made a number of business decisions and a couple of technical ones. Now, several crucial decisions need to be made around security. Securing an API is an often neglected task, yet doing so is at the heart of an effective API strategy.
Although Igloo already promoted a number of automated integrations with popular apps like Dropbox, box, G Suite, and others; Igloo stopped short of completely opening its digital workplace framework to the entire developer community. That has now changed, along with full support.
A recent white paper reported an Autofill API vulnerability within Android's 8.0 Oreo release. The vulnerability comes via the ability for widgets to hide themselves from users and request information that users are unaware they are providing to the hidden widget. No public fixes have been issued.
After it was revealed that over 143 million Americans may have been impacted when their personally identifiable information may have been breached through the credit reporting agency Equifax, there were further revelations that the so-called secret PINs issued by Equifax were actually timestamps.
From Slack integrations to coffee buttons, if Starbucks were to open up their API to the public, there are a ton of integrations that third-party developers could create. Tendigi CTO Nick Lee over at the Tendigi blog couldn’t wait so he reverse-engineered the Starbucks mobile app.
Although most of the technical details regarding the breach of Equifax are not known, the scope of the damage and the questions it raises should be enough to stimulate some organizational introspection regarding all that you have done to safeguard your Web services, sites, and APIs.
A whopping 34 more APIs have been added to the ProgrammableWeb directory in categories including Financial, Weather, and Tools. A bulk of the new additions are from NeutrinoAPI, which provides tools that solve application development problems. Here's a rundown of the latest additions.
Our API Testing Series continues with a look at two command line tools – HTTPie and curl. Both of these tools are ideal for exploration. Along the way you will create a couple of API tests running against the Trello API, which is a real API with formal authentication tokens.
Google recently announced a beta version of its new App Engine firewall. In addition to the security features inherent within App Engine, the App Engine firewall allows developers to block and permit users based on IP address and geography. Developers simply create rules and prioritize the rules.
AccuWeather has removed the Reveal Mobile SDK from its iOS app due to privacy concerns brought to the company’s attention by many of the app’s users. According to an article published on Medium, the app was sending location information such as GPS coordinates and Wi-Fi router name to Reveal Mobile.
The week is half done and we bring you some of the stories we couldn't cover with a look at what is going on in the world of APIs including Amazon releasing the Alexa Voice Service Device SDK to bring Alexa to connected devices, Coinbase's latest foray into bitcoin based security patents and more.
Elcomsoft has upgraded Phone Breaker; commercially sold software that has been implicated in API attacks that resulted in the exfiltration of personal info from iPhone users' iCloud accounts. With this recent upgrade, now it can extract secrets like IDs and passwords kept Apple's iCloud Keychain.