#apisecurity

:mastodon: Mike Amundsen<p>Wallarm Releases 2025 API ThreatStats Report, Revealing that APIs are the Predominant Attack Surface </p><p><a href="https://buff.ly/4aEd2fo" rel="nofollow noopener noreferrer" translate="no" target="_blank"><span class="invisible">https://</span><span class="">buff.ly/4aEd2fo</span><span class="invisible"></span></a></p><p>"Wallarm's researchers tracked 439 AI-related CVEs, a staggering 1,025% increase from the prior year. Nearly all (99%) were directly tied to APIs, including injection flaws, misconfigurations, and new memory corruption vulnerabilities stemming from AI's reliance on high-performance binary APIs."</p><p><a href="https://mastodon.social/tags/api360" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>api360</span></a> <a href="https://mastodon.social/tags/agenticAI" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>agenticAI</span></a> <a href="https://mastodon.social/tags/apiSecurity" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>apiSecurity</span></a></p>
Katie Paxton-Fear (InsiderPhD)<p>So what does make APIs special and different? <a href="https://infosec.exchange/tags/apisecurity" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>apisecurity</span></a> <a href="https://infosec.exchange/tags/apihacking" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>apihacking</span></a> <a href="https://infosec.exchange/tags/apis" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>apis</span></a> <a href="https://infosec.exchange/tags/pentesting" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>pentesting</span></a></p><p>1) Interconnectedness, even if you're sure you don't have APIs, I bet your suppliers do<br>2) Large attack surfaces that are poorly documented, they balloon into hundreds of endpoints quickly</p>
Katie Paxton-Fear (InsiderPhD)<p>The biggest mistake I see in API security will probably surprise you... Whether in offensive security or defending APIs, most teams make one fundamental mistake that leaves their APIs vulnerable, they forget that APIs are web applications. <br> <a href="https://infosec.exchange/tags/apisecurity" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>apisecurity</span></a> <a href="https://infosec.exchange/tags/apihacking" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>apihacking</span></a> <a href="https://infosec.exchange/tags/apis" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>apis</span></a></p>
Katie Paxton-Fear (InsiderPhD)<p>What is an API? What makes them special? And what kind of APIs are out there? <a href="https://infosec.exchange/tags/apisecurity" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>apisecurity</span></a> <a href="https://infosec.exchange/tags/apis" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>apis</span></a> <a href="https://infosec.exchange/tags/bugbountytips" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>bugbountytips</span></a> <a href="https://infosec.exchange/tags/BugBounty" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>BugBounty</span></a></p>
Katie Paxton-Fear (InsiderPhD)<p>👉 Register here: <a href="https://bit.ly/490sbH9" rel="nofollow noopener noreferrer" translate="no" target="_blank"><span class="invisible">https://</span><span class="">bit.ly/490sbH9</span><span class="invisible"></span></a></p><p> <a href="https://infosec.exchange/tags/apisecurity" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>apisecurity</span></a> <a href="https://infosec.exchange/tags/apihacking" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>apihacking</span></a> <a href="https://infosec.exchange/tags/appsec" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>appsec</span></a> <a href="https://infosec.exchange/tags/websecurity" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>websecurity</span></a> <a href="https://infosec.exchange/tags/apis" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>apis</span></a> <a href="https://infosec.exchange/tags/infosec" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>infosec</span></a></p>
Katie Paxton-Fear (InsiderPhD)<p>API keys grant access, but if compromised, they're open doors for attackers. But fear not: regularly rotating keys and limiting scope can help minimize the damage. Find out more in this blog <a href="https://infosec.exchange/tags/DevSecOps" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>DevSecOps</span></a> <a href="https://infosec.exchange/tags/APISecurity" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>APISecurity</span></a></p><p><a href="https://www.traceable.ai/blog-post/dizzy-keys-why-api-key-rotation-matters" rel="nofollow noopener noreferrer" translate="no" target="_blank"><span class="invisible">https://www.</span><span class="ellipsis">traceable.ai/blog-post/dizzy-k</span><span class="invisible">eys-why-api-key-rotation-matters</span></a></p>
Matthew Reinbold<p>Ever wonder how secure your smart home devices really are? 🔐 The latest Net API Notes article dives into a real-life API vulnerability that put millions of COX modems at risk. Discover four crucial API security questions any API producer should consider! 🏡💻 <a href="https://opinuendo.com/tags/APISecurity" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>APISecurity</span></a> <a href="https://opinuendo.com/tags/SmartHome" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>SmartHome</span></a> <a href="https://opinuendo.com/tags/CyberSecurity" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>CyberSecurity</span></a> <a href="https://opinuendo.com/tags/TechNews" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>TechNews</span></a> <a href="https://opinuendo.com/tags/APIs" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>APIs</span></a></p><p><a href="https://netapinotes.com/uncovering-api-vulnerabilities-lessons-from-the-cox-modem-breech/" rel="nofollow noopener noreferrer" translate="no" target="_blank"><span class="invisible">https://</span><span class="ellipsis">netapinotes.com/uncovering-api</span><span class="invisible">-vulnerabilities-lessons-from-the-cox-modem-breech/</span></a></p>
Nicolas Fränkel 🇺🇦🇬🇪<p>I recently stumbled upon a list of 16 practices to secure your <a href="https://mastodon.top/tags/APIs" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>APIs</span></a>. In this two-post series, I’d like to describe how we can implement each item with <a href="https://mastodon.top/tags/ApacheAPISIX" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>ApacheAPISIX</span></a> (or not).</p><p><a href="https://blog.frankel.ch/secure-api-practices-apisix/1/" rel="nofollow noopener noreferrer" translate="no" target="_blank"><span class="invisible">https://</span><span class="ellipsis">blog.frankel.ch/secure-api-pra</span><span class="invisible">ctices-apisix/1/</span></a></p><p><a href="https://mastodon.top/tags/Security" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>Security</span></a> <a href="https://mastodon.top/tags/APISecurity" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>APISecurity</span></a></p>
bertrand 🏃 👨‍💻 🎸<p>API. Keys. Are. Not. Security. Features.</p><p><a href="https://piaille.fr/tags/OAuth2" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>OAuth2</span></a> <a href="https://piaille.fr/tags/API" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>API</span></a> <a href="https://piaille.fr/tags/APISecurity" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>APISecurity</span></a></p>
App Sec Village<p>It takes a village to run a village. We are looking for volunteers to help us bring AppSec Village at DEF CON 31 to life. </p><p>Learn more <a href="https://www.appsecvillage.com/volunteer" rel="nofollow noopener noreferrer" target="_blank"><span class="invisible">https://www.</span><span class="">appsecvillage.com/volunteer</span><span class="invisible"></span></a> </p><p><a href="https://defcon.social/tags/dc31" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>dc31</span></a> <a href="https://defcon.social/tags/defcon" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>defcon</span></a> <a href="https://defcon.social/tags/defcon31" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>defcon31</span></a> <a href="https://defcon.social/tags/appsecvolunteers" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>appsecvolunteers</span></a><br><a href="https://defcon.social/tags/appsec" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>appsec</span></a> <a href="https://defcon.social/tags/applicationsecurity" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>applicationsecurity</span></a> <a href="https://defcon.social/tags/appsecurity" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>appsecurity</span></a> <a href="https://defcon.social/tags/apisecurity" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>apisecurity</span></a></p>