API Security Testing – How to Hack an API and Get Away with It (Part 3 of 3)

  The first two installments in this series have set us well on our path to API security/intrusion nirvana; we first got to grips with current API technology basics, moved on to API Attack surface detection and then looked at a series of common and potent … [Read more...]

3scale plugin for Ready! API completes the lifecycle

With guest post from SmartBear collaboration partner Manfred Bortenschlager of 3scale. From Lorinda Brandon, API Products at SmartBear: When we originally designed Ready! API, our goal was to provide a fluid movement from your API project through a variety of … [Read more...]

API Security Testing – How to Hack an API and Get Away with It (Part 2 of 3)

  In this 3-part blog series, I’ll provide deep dive instructions and specific examples on how you can avoid common security threats by hacking your own API. This second post covers the anatomy of some of the most common API security hacks. In our last post, we … [Read more...]

API Security Testing – How to Hack an API and Get Away with It (Part 1 of 3)

In this 3-part blog series, I’ll provide deep dive instructions and specific examples on how you can avoid common security threats by hacking your own API. This first post will highlight 3 key aspects you will need to understand when hacking an API: API technologies, … [Read more...]

The API Copyright Debate Surfaces Again

It all started back in May 2014, when a federal appeals court made a ruling that sparked outrage and controversy in the software industry. Their decision was theoretically a final step in the long-standing lawsuit between Google and Oracle, where Oracle claims that Android … [Read more...]

D-Factor: How Strong is your Data Contract?

REST APIs, and APIs in general, converse in structured data.  APIs will vary in the degree and type of structure, the format, and the intended use.  But they also vary greatly in how the expectations around that data are specified. As a client developer, I need to know … [Read more...]

Security Lessons Courtesy of Snapchat

Some apps are there to teach the rest of us the painful lessons of doing it wrong—Snapchat is one of them.   https://storify.com/SmartBearSalmon/security-lessons-courtesy-of-snapchat … [Read more...]

API Security Testing: Think Like a Bad Guy

You want to check an API to ensure that it’s secure, but just how do you think like a bad guy intent on breaking your API and potentially into your site? Performing the right sorts of API security testing is essential. Every day it seems like you see another security … [Read more...]

API Strategy & Practice: The World is Ready for Ready! API

Last week I had the pleasure of attending API Strategy & Practice. The conference offered great content with heavy-hitting speakers and some great technical sessions, but most notably for me I was excited to formally announce Ready! API to the world.  For those not … [Read more...]

Hypermedia and State Machines: RESTFest 2014

"It is not the strongest of the species that survives, nor the most intelligent that survives. It is the one that is most adaptable to change." - not really Darwin https://storify.com/lindybrandon/restfest-2014-hypermedia-and-state-machines-of-cou … [Read more...]