API security

The API Imperative: Securing Agentic AI and Beyond
We recently released The Rise of Agentic AI, our API ThreatStats report for Q1 2025, finding that evolving API threats are fueled by the rise of agentic AI systems, growing complexity in cloud-native ...

How DoubleVerify Achieved Full API Visibility and Security with Wiz and Escape
Discover how implementing Escape x Wiz integration helped the DoubleVerify AppSec team achieve full API visibility and accelerate targeted remediation ...

Threat Replay Testing: Turning Attackers into Pen Testers
API security is no longer just a concern; it’s a critical priority for businesses. With APIs serving as the backbone of modern applications, they’ve become a primary target for attackers. While automated ...

Why Comprehensive API Discovery Requires Both Domain-Based and Runtime Techniques
The API attack surface is growing—and adversaries know it. Moving to the cloud, DevOps, and application modernization all lead to the proliferation ...

Beyond Schema Enforcement: Imperva’s Approach to Delivering Holistic API Security
API security is gaining attention, yet many organizations struggle to move from identifying risks to mitigating them effectively. In their eagerness to strengthen their security posture, some rush to implement schema protection ...

Wallarm Research Releases Nuclei Template to Counter Threats Targeting LLM Apps
Wallarm Research has just released a powerful new Nuclei template targeting a new kind of exposure: the Model Context Protocol (MCP). This isn’t about legacy devtools or generic JSON-RPC pinging. It’s about ...

Meeting NIST API Security Guidelines with Wallarm
On March 25, 2025, NIST released the initial public draft of NIST SP 800-228, "Guidelines for API Protection for Cloud-Native Systems." The document provides a comprehensive framework for securing APIs in cloud-enabled ...

The API Security Challenge in AI: Preventing Resource Exhaustion and Unauthorized Access
Agentic AI is transforming business. Organizations are increasingly integrating AI agents into core business systems and processes, using them as intermediaries between users and these internal systems. As a result, these organizations ...

An Analysis of Hardware-Backed Key Attestation for Mobile Security
Companies such as Google and Apple promote hardware-backed key attestation as a security measure for protecting mobile apps and APIs. This approach ensures that cryptographic keys are stored and used within secure ...

Unsolved Challenge: Why API Access Control Vulnerabilities Remain a Major Security Risk
Despite advancements in API security, access control vulnerabilities, such as broken object-level authentication (BOLA) and broken function-level authentication (BFLA), remain almost impossible to detect. This blog will explore why these vulnerabilities are ...