In today’s era of hyper-connectivity, securing your organisation’s systems, data and business-critical processes is harder than ever. As a result of the major IT trends of the last decade, in particular cloud, mobile and IoT, more and more people and applications are connecting to our IT assets than ever before. What’s more, the majority of these interactions are from untrusted entities outside of the organisation’s network perimeter, and almost every one of these interactions relies on an application programming interface (API) to communicate to an application or system, somewhere in the world.
Last month, another major identity management vendor revealed a significant vulnerability. This time it was Auth0.
While conducting its own research, Cinta Infinita discovered the vulnerability in Auth0’s Legacy Lock API. The security firm noted it “was able to bypass password authentication when logging into Auth0’s Management Dashboard by forging an authentication token.”
Company’s Industry-leading API Security Gateway Earns Top Honors in API Management and Security Category
BOSTON, May 8, 2018 – Forum Systems Inc., a pioneer in API security technology, today announced that the Info Security Products Guide has named the Forum Sentry API Security Gateway a Gold winner in the API (Application Programming Interface) Management and Security category of the 2018 Global Excellence Awards®.
BOSTON, April 19, 2018 – Forum Systems Inc., a pioneer in API security technology, today announced the Midwest API Summit, the latest event in the company’s continuing series dedicated to examining the fundamentals of API security.
Taking place Thursday, April 26, from 9:30 a.m. – 4:30 p.m. EDT at the Renaissance Cincinnati Downtown, the Midwest API Summit will feature Forum Systems CTO Jason Macy and other industry experts exploring the best practices in securing API-based architectures. During the event, Forum Systems will showcase how its award-winning Forum Sentry API security gateway is providing the foundation for an effective API security strategy.
In light of Panera Bread’s API-related data breach, here what is — and isn’t — true about protecting application programming interfaces.
Myth #1: API security is a feature, not a technology
According to Jason Macy, chief technology officer at API security management provider Forum Systems, “Many vendors in the API product landscape talk about having features of API security.” In reality, he says, “claiming to have features that provide aspects of API security” is just like “claiming to have features that provide firewall or antivirus security.”
API-driven vulnerabilities and hacks continue to make headlines, as seen with Coincube, Reddit/Mailgun and Roku. As a result, more people and organizations are (finally) awakening to the seriousness of the threat.
API security is critical to businesses with any type of digital presence, and the stakes are critical for the federal and public sector to protect data and applications. That’s why Forum Systems has continued to champion our unparalleled security-first pedigree and industry-first certifications with rigorous standards such as NIST FIPS 140-2 Level 2 and Common Criteria NDPP.
Well, it has happened again.
Another tech behemoth has made a massive acquisition to bolster its cloud presence – this time in the most expensive cloud software deal in history.
It’s always encouraging when our hard work and best-in-class products are acknowledged by influential industry watchers.
We’re pleased to announce that Forum recently received that kind of endorsement from Government Security News (GSN) via a pair of GSN’s prestigious Homeland Security Awards.
Forum Systems Invites You to Our Mid-West API Summit in Cincinnati, April 26th.