Delving Into the Microservices Architecture

Microservices

Although microservice architecture is fairly new, the basic concept behind it is one that will seem familiar to many software professionals. The guiding principles behind microservices include: Using small, single-purpose, service-based applications to create a fully … [Read more...]

iOS Update Brings Philips Hue’s Lack of App Testing to Light

Philips, an industry leader in connected devices and services, recently released a faulty version of their iOS Hue app that instantly crashes when you launch it. Instead of controlling lights from a phone or tablet, as is the primary selling point of the Hue connected … [Read more...]

IT Security’s Perfect Storm is Brewing

© 2000 - Warner Bros. Entertainment, Inc.

30-foot waves crashing all around. Constant rain. Cold. Hope is lost. This is the scene in George Clooney's tragic film, The Perfect Storm, which climaxes in the vain efforts of a group of sailors trying to push through a raging hurricane to get a boatful of fish to port. As … [Read more...]

Avoid Pulling a Moonpig by Security Testing Your API

Now we know why Moonpig looks so nervous... he's a hacker's dream.

What do you do to ensure that your APIs are as secure as possible and still meet your release deadlines? A major UK-based online greeting card provider, Moonpig, has been found to have numerous security flaws in its front-facing REST API. Developer Paul Price posted … [Read more...]

Hardening Your Application Against API Failures with API Virtualization

Candy Crush API Failure Error

True confession time:  I’m a Candy Crush Saga addict. There was a time when we all were, but it’s become less of an open conversation these days and those of us who still linger in the parking lot to play just one more game before going into the office… well, we don’t speak … [Read more...]

The Most Common API Security Hacks of 2014 [Infographic]

Most Common API Security Hacks of 2014

2014 was the year of the API security hack. Snapchat, Twitter, Tinder – these companies and more all experienced malicious API security attacks that compromised their users’ data, and as a result, their credibility. So we looked at the hard numbers this year to determine the … [Read more...]

When Your APIs Are Ready to Be Liberated, Are You Ready to Free Them?

Almost every enterprise that I know takes a very cautious approach to this new API game. They build it, test it, try it, do a limited release, then fix the necessary areas, test it again, and finally, when they are satisfied they are ready, they get it out in the open. … [Read more...]

API Security Testing – How to Hack an API and Get Away with It (Part 3 of 3)

Welcome back! Cross Site Request Forgery (CSRF): The last vulnerabilities we looked at in the previous installment were related to cross-site scripting attacks (XSS). Now, let’s have a look at another vulnerability / attack that plays with similar cards; … [Read more...]

API Security Testing – How to Hack an API and Get Away with It (Part 2 of 3)

In this 3-part blog series, I’ll provide deep-dive instructions and specific examples on how you can avoid common security threats by hacking your own API. This second post covers the anatomy of some of the most common API security hacks. In our last post, we … [Read more...]

API Security Testing – How to Hack an API and Get Away with It (Part 1 of 3)

Hack Your Own API

In this 3-part blog series, I’ll provide deep-dive instructions and specific examples on how you can avoid common security threats by hacking your own API. This first post will highlight 3 key aspects you will need to understand when hacking an API: API technologies, … [Read more...]