API Security

Instagram API Security – Too Little Too Late

The Instagram API vulnerability was exposed via a REST API used by the Instagram Mobile App to perform a password reset.  By capturing the format that the Instagram App used to make the password reset, a brute force attack was then created to … Read More

API Security and MySQL — A match made in Hell

What do API Security and MySQL have in common? Not much one hopes, especially if you are responsible for implementing enterprise-wide API Security. When picking any security product, particularly an API Security Gateway, an enterprise should carefully evaluate the architecture and components … Read More

Forum Systems Lauds Recognition of API Security in OWASP Top 10

Longtime API Security Champion Praises OWASP Community for Listing “Underprotected APIs” in RC1; Sponsors Premier AppSec USA 2017 Conference BOSTON, August 21, 2017 – Forum Systems Inc., a pioneer in API security technology, today celebrated the Open Web Application Security … Read MoreRead More

Four Pillars of API Security

API Security is complex! Vendors like Forum Systems, IBM, CA and Axway have invested almost 2 decades of engineering effort and significant capital in building API Security stacks to lockdown APIs. The API Security stack diagram shown below is essential … Read MoreRead More

API Security – Taking the plunge

Dear Readers: Forum Systems and the security community need your help in raising API Security awareness. Forum Systems has been at the forefront of API Security for over 16 years. Our relentless efforts in educating IT professionals on how best to … Read More

API Security and OWASP Top 10

API Security has become a central concern in deploying APIs across portals, devices and cloud services. OWASP Top 10 2017 – RC1 includes API Security provisions. … Read More

How to Detect and Stop URL Parameter Tampering

In this series on the Top 10 API threats and How to Prevent Them, Forum Systems shares security insights compiled over many years, delivering secure and reliable solutions for web services and API modernization initiatives. #2 How to Detect and Stop URL Parameter … Read MoreRead More

How to Prevent SSL Vulnerabilities Using Powerful API Security

In this series on the Top 10 API threats and How to Prevent Them, Forum Systems shares security insights compiled over many years, delivering secure and reliable solutions for web services and API modernization initiatives. … Read More

Cloud(ed) Judgment: OneLogin’s Breach Continues to Fuel the Security Debate

When it comes to the next big data breach, it’s never a matter of if, but a discussion of when. This time, the target was identity and access management firm OneLogin, which recently shut down its U.S. data center due … Read MoreRead More

The President’s New EO Gets the Gist of NIST

President Trump introduced his long-awaited Cybersecurity Executive Order last month. While some focused on its similarities to EO 13636 issued by the Obama administration more than four years earlier, we were more concerned with, and quite frankly, excited by, the … Read MoreRead More