The Instagram API vulnerability was exposed via a REST API used by the Instagram Mobile App to perform a password reset. By capturing the format that the Instagram App used to make the password reset, a brute force attack was then created to … Read More
API Gateway
API Security and MySQL — A match made in Hell
What do API Security and MySQL have in common? Not much one hopes, especially if you are responsible for implementing enterprise-wide API Security. When picking any security product, particularly an API Security Gateway, an enterprise should carefully evaluate the architecture and components … Read More
API Security and OWASP Top 10
API Security has become a central concern in deploying APIs across portals, devices and cloud services. OWASP Top 10 2017 – RC1 includes API Security provisions. … Read More
How to Detect and Stop URL Parameter Tampering
In this series on the Top 10 API threats and How to Prevent Them, Forum Systems shares security insights compiled over many years, delivering secure and reliable solutions for web services and API modernization initiatives. #2 How to Detect and Stop URL Parameter … Read More
How to Prevent SSL Vulnerabilities Using Powerful API Security
In this series on the Top 10 API threats and How to Prevent Them, Forum Systems shares security insights compiled over many years, delivering secure and reliable solutions for web services and API modernization initiatives. … Read More

Cloud(ed) Judgment: OneLogin’s Breach Continues to Fuel the Security Debate
When it comes to the next big data breach, it’s never a matter of if, but a discussion of when. This time, the target was identity and access management firm OneLogin, which recently shut down its U.S. data center due … Read More
The President’s New EO Gets the Gist of NIST
President Trump introduced his long-awaited Cybersecurity Executive Order last month. While some focused on its similarities to EO 13636 issued by the Obama administration more than four years earlier, we were more concerned with, and quite frankly, excited by, the … Read More

PSD2: An Open Concept in Banking Mandating the Use of APIs

Advantages of API Gateway for managing SSL
Through SSL (SSLv3, TLS v1.1/1.2), API Gateways such as Forum Sentry rapidly secure your APIs that shuttle XML, JSON, HTML, SOAP and Big Data. API Gateways typically sit in front of your IT components such as web servers, application servers, … Read More

Buy vs. Build: Application Security Solutions
In the world of application security, there are numerous options in the marketplace for both buying and building. Purchasing a centralized API security solution isn’t cheap but it can be less expensive than building your own, depending on your situation. … Read More