API Security Archives

January 8, 2025

Published by SecureLayer7 Lab at January 8, 2025

Mitigating API Authentication Bypass Vulnerabilities with Secure Tokens

In today’s fast-paced digital landscape, where cybersecurity threats are constantly evolving, protecting APIs from authentication bypass vulnerabilities is essential. A notable case study that illustrates the […]

December 11, 2024

Published by SecureLayer7 Lab at December 11, 2024

How to Fix API Rate Limiting in Golang

APIs are the cornerstone of the modern application-oriented digital world. However, developers frequently encounter the challenge of API rate limiting, a mechanism implemented by service providers […]

December 5, 2024

Published by SecureLayer7 Lab at December 5, 2024

Protecting Against API Security Misconfigurations with Regular Audits

TL;DR: Conducting regular audits is vital to defending against API security misconfigurations. This blog highlights the importance of regular audits and offers practical steps to secure […]

December 5, 2024

Published by SecureLayer7 Lab at December 5, 2024

A Guide to Unrestricted Resource Consumption

Recently, third-party actors attacked Poland’s tax department portal. Attackers used a relatively new way to exploit the vulnerability. They overwhelmed APIs supporting the tax portal by […]

November 20, 2024

Published by SecureLayer7 Lab at November 20, 2024

Understanding OWASP API 06:2023 Unrestricted Access to Sensitive Business Flows

In July 2023, a serious breach involving Ivanti’s EPMM surfaced due to the CVE-2023-35078 zero-day vulnerability. Attackers exploited this flaw, gaining unauthorized API access, manipulating server […]

November 5, 2024

Published by SecureLayer7 Lab at November 5, 2024

Securing Sensitive Data in Transit with API Transport Layer Security

Any conversation about API security, in general, begins with an understanding of Transport Layer Security (TLS) as its foundational pillar of cryptographic protocols. The objective of […]

November 5, 2024

Published by SecureLayer7 Lab at November 5, 2024

Mitigating API Injection Attacks with Input Validation Techniques

Applications are the core of service delivery and even running operations. APIs facilitate this by enabling seamless data exchange between systems. Since APIs expand the attack […]

March 23, 2021

Published by Anudeep Patel at March 23, 2021

Cyber Security Webinar CISO 2021: The Unveiling of API Security Myths

Get free Registration for the API cyber security webinar on Wednesday, March 31st, 2020, at 7:00 pm IST. Presented by Mr. Satyam Gothi. This cyber security […]

June 17, 2020

Published by Renuka Sharma at June 17, 2020

API Security Assessment OWASP 2019 Test Cases

An Application Programming Interface (API) is a component that enables communication between two different applications. They can be applications developed on different platforms and it uses […]