OpenSSL continues to cast a shadow over the IT industry’s poor choice of programming languages for developing secure software. Niels Ferguson and Bruce Schneier’s mantra, that using a programming language without protection against buffer overflows is tantamount to criminal negligence, … Read More
API Security
OpenSSL Security Vulnerabilities and other C-based Risks
The latest Heartbleed OpenSSL vulnerability (CVE-2014-0160) is yet another reaffirmation that the use of C-based security modules by an enterprise greatly increases its risk posture. … Read More
Predictions from 2002-2003: Heartbleed = Criminal Negligence
Here is an archived document that Forum Systems published in 2002-2003 while architecting a secure XML gateway. We would like you to read this article to understand the importance of a security-first approach while interacting with users and systems, especially outside your enterprise boundary. … Read More
How to fix OpenSSL Heartbleed Security Flaw
In this article, we will show you how to fix the OpenSSL Heartbleed security flaw. OpenSSL Heartbleed was recently discovered by security researchers. This security flaw is the result of a software bug in the SSL/TLS protocol implementation of the … Read More
How to Save Resources with Centralized API Security
There are plenty of reasons to go with centralized API security by deploying an API gateway, but in this blog post we are going to focus on why it’s beneficial for your development team(s). The security model in an organization … Read More
Sleep Better with Centralized API Security
Secure integration has become increasingly important over the past few years. As businesses rely more heavily on applications for conducting transactions and managing personal information, API security has become critically important. When it comes to application security, generally, there are … Read More