Featured

(Cloud)Flare Up: What you Need to Know about Ticketbleed

By | Date posted: March 2, 2017
Ticketbleed

As you’ve likely seen, last month, Cloudflare Engineer and crypto expert Filippo Valsorda discovered a software bug in F5 appliances. Named “Ticketbleed,” since it leaks SSL session identities like the famed Heartbleed, the vulnerability is in the transport layer security (TLS) stack of certain F5 products that allows a remote attacker to extract up to 31 bytes of uninitialized memory at a time. F5 has since issued a patch for the vulnerability, cataloged as CVE-2016-9244, but we decided to take a closer look.
Read more

Forum Systems to Explore API Security Fundamentals in March Event Series

By | Date posted: February 28, 2017
News-Icon

API Summits in London and Amsterdam to Focus on Best Practices in Mitigating API Architecture Threats

BOSTON, February 28, 2017 – Forum Systems Inc. today announced it will host an event series in March focused on examining the fundamentals of API security. At API Summits in London and Amsterdam, Forum Systems CTO Jason Macy and other leading experts will explore the theme “Mitigate Threats in Your API Architecture.” During the events, Forum Systems will showcase how its award-winning Forum Sentry API Security Gateway is helping businesses connect and achieve balance in innovation and security as the cornerstone of their overall API Security Management strategy.

Read more

Forum Systems Wins 2017 Cybersecurity Excellence Award for Privileged Access Management

By | Date posted: February 16, 2017
cybersecurity_awards_winner-108x150

Recognized in API Security with Customer Traction, Demonstrable Results and Best-in-Class Technology

BOSTON, February 16, 2017 – Forum Systems Inc. today announced that the company has been honored as a 2017 Cybersecurity Excellence Award winner. The Forum Sentry API Security Gateway has been recognized as a leading technology in Privileged Access Management. The announcement was made in conjunction with RSA Conference 2017 taking place this week in San Francisco.
Read more

How to Build a Secure OAth Solution in Less Than 5 Minutes

By | Date posted: December 8, 2016

In our last post, Protecting Against OAuth Hacks, our CTO, Jason Macy, discussed the latest reported OAuth 2.0 hack “One OAuth 2.0 hack, 1 Billion Android App Accounts potentially exposed“. In the post, we discussed how the Forum Sentry API Security Gateway implements OAuth end-to-end and is not vulnerable to this recently reported vulnerability.
Read more

Protecting Against OAuth Hacks

By | Date posted: November 18, 2016
shutterstock_279329882-680x400

In this latest reported OAuth 2.0 hack entitled “One OAuth 2.0 hack, 1 Billion Android App Accounts potentially exposed“, it has been discovered that:

“…A remote simple hack devised by a group of security researchers threatens an amazing number of Android and iOS apps. An attacker can use the technique to sign into any victim’s mobile app account without any knowledge of the legitimate user…”

Read more