API Gateway

Instagram API Security – Too Little Too Late

The Instagram API vulnerability was exposed via a REST API used by the Instagram Mobile App to perform a password reset.  By capturing the format that the Instagram App used to make the password reset, a brute force attack was then created to … Read More

API Security and MySQL — A match made in Hell

What do API Security and MySQL have in common? Not much one hopes, especially if you are responsible for implementing enterprise-wide API Security. When picking any security product, particularly an API Security Gateway, an enterprise should carefully evaluate the architecture and components … Read More

API Security and OWASP Top 10

API Security has become a central concern in deploying APIs across portals, devices and cloud services. OWASP Top 10 2017 – RC1 includes API Security provisions. … Read More

How to Detect and Stop URL Parameter Tampering

In this series on the Top 10 API threats and How to Prevent Them, Forum Systems shares security insights compiled over many years, delivering secure and reliable solutions for web services and API modernization initiatives. #2 How to Detect and Stop URL Parameter … Read MoreRead More

How to Prevent SSL Vulnerabilities Using Powerful API Security

In this series on the Top 10 API threats and How to Prevent Them, Forum Systems shares security insights compiled over many years, delivering secure and reliable solutions for web services and API modernization initiatives. … Read More

Cloud(ed) Judgment: OneLogin’s Breach Continues to Fuel the Security Debate

When it comes to the next big data breach, it’s never a matter of if, but a discussion of when. This time, the target was identity and access management firm OneLogin, which recently shut down its U.S. data center due … Read MoreRead More

The President’s New EO Gets the Gist of NIST

President Trump introduced his long-awaited Cybersecurity Executive Order last month. While some focused on its similarities to EO 13636 issued by the Obama administration more than four years earlier, we were more concerned with, and quite frankly, excited by, the … Read MoreRead More

PSD2: An Open Concept in Banking Mandating the Use of APIs

A revolution is occurring in European banking and APIs are leading the way. Adopted in 2007, the Payment Services Directive (PSD) “provides the legal foundation for an EU single market for payments, to establish safer and more innovative payment services … Read MoreRead More

Advantages of API Gateway for managing SSL

Through SSL (SSLv3, TLS v1.1/1.2), API Gateways such as Forum Sentry rapidly secure your APIs that shuttle XML, JSON, HTML, SOAP and Big Data.  API Gateways typically sit in front of  your IT components such as web servers, application servers, … Read MoreRead More

Buy vs. Build: Application Security Solutions

In the world of application security, there are numerous options in the marketplace for both buying and building. Purchasing a centralized API security solution isn’t cheap but it can be less expensive than building your own, depending on your situation. … Read MoreRead More