Author Archives: jmacy

Money Mule(Soft): Salesforce Acquires API Integration Company for $6.5 Billion

Well, it has happened again. Another tech behemoth has made a massive acquisition to bolster its cloud presence – this time in the most expensive cloud software deal in history. Last fall, it was Google gobbling up Apigee; this week, … Read MoreRead More

Forum Systems To Exhibit At GEOINT 2018

Forum Systems will be exhibiting at the USGIF GEOINT 2018, taking place April 22nd-25th, 2018 at the Tampa Convention Center in Tampa, Florida. … Read More

IAM Attacks, IoT Hubs and API Security Spend, Oh My! We Present Our 2018 Predictions

2017 was a devastating year in security: Equifax, Verizon, WannaCry – enough said. Even more so, the Instagram vulnerability, OneLogin breach, Circle with Disney web filter flaws, Oracle’s Identity Manager vulnerability and Wishbone hack hit close to home, reinforcing what … Read MoreRead More

Coming Full Circle on IoT (In)Security

In thinking ahead to 2018, we can’t help but look back. We kicked off 2017 talking about the (in)security of IoT and the infamous DDoS attack on Dyn, via the Mirai botnet, which infiltrated tens of millions of IP addresses. … Read MoreRead More

Forum Systems To Exhibit At Cloud Expo Europe 2018

Forum Systems will be exhibiting at the Cloud Expo Europe 2018, taking place March 21st-22nd, 2018 at the ExCel, London, UK … Read More

Forum Systems To Exhibit At WEST 2018

Forum Systems will be exhibiting at the WEST 2018 show, taking place February 6th-8th, 2018 at the San Diego Convention Center in San Diego, California … Read More

Identity Divorces Security…Again—The Oracle Edition

Oracle recently released a Security Alert Advisory regarding a newly identified – and soon thereafter patched – vulnerability within Oracle’s Identity Manager, a user identity validation tool for granting access to enterprise systems. The bug referred to by Threatpost’s Michael … Read MoreRead More

Forum Sentry API Security Gateway protects all customers against Apache OptionsBleed

Apache Optionsbleed is yet another vulnerability in an ever-growing list of threats targeting REST-based back-end applications aimed at compromising server memory.  In this case, it is Apache’s https program can be compromised by using HTTP method OPTIONS as described here: – – Forum Sentry protects against this attack … Read More

Instagram API Security – Too Little Too Late

The Instagram API vulnerability was exposed via a REST API used by the Instagram Mobile App to perform a password reset.  By capturing the format that the Instagram App used to make the password reset, a brute force attack was then created to … Read More

How to Secure APIs from HTTP Method Attacks

In this series on the Top 10 API threats and How to Prevent Them, Forum Systems shares security insights compiled over many years, delivering secure and reliable solutions for web services and API modernization initiatives. #3 How to Secure APIs from HTTP Method Attacks … Read More