The Inside Trace

Categories
Date Posted
Thank you! Your submission has been received!
Oops! Something went wrong while submitting the form.

tag

tag

The 2023 Cost of a Data Breach Hits $4.45 Million: Inside IBM's Latest Report

The 2023 Cost of a Data Breach Hits $4.45 Million: Inside IBM's Latest Report

Explore key insights from IBM's "2023 Cost of a Data Breach Report" in our latest blog post. We delve into the escalating costs of data breaches, the importance of strategic security investments, and the role of AI and automation in mitigating these costs. Learn about the significance of secure software development practices, including API security, in enhancing your organization's cybersecurity posture.
API-Security
News

July 29, 2023

The Anatomy of an API Abuse Attack: A Hacker's Process Unveiled

The Anatomy of an API Abuse Attack: A Hacker's Process Unveiled

Unlock the secrets of API abuse attacks with our comprehensive blog post. Explore the anatomy of these cyber threats, from reconnaissance to data exfiltration, and delve into the extended threat landscape. Learn about advanced protective measures, industry standards, and regulations to fortify your API security. Enhance your understanding of API vulnerabilities and arm your organization with the knowledge to counteract malicious activities.
API-Security
Foundations

July 26, 2023

Key Takeaways from Forrester's 2023 State of Application Security Report

Key Takeaways from Forrester's 2023 State of Application Security Report

Explore the key insights from Forrester's State of Application Security report 2023 in our latest blog post. We delve into the complexities of application security, the rise of Software Composition Analysis (SCA), and the importance of API security in today's digital landscape. Learn about the Shift-Everywhere movement and how it's shaping the future of application security. This comprehensive analysis is a must-read for anyone looking to understand the current trends and challenges in application security.
API-Security
App Security

July 29, 2023

Customer Story: Fintech company reduces attack surface by 10x with Traceable's API Security Platform

Customer Story: Fintech company reduces attack surface by 10x with Traceable's API Security Platform

We recently sat down with one of our Fintech customers to discuss their API security journey. Providing digital investment and transaction services, this Fintech company needed to solve for its rapidly expanding attack surface.   In this blog, we’ll summarize their journey with Traceable, providing highlights about how they discovered and secured tens of thousands of APIs in a distributed ecosystem, eliminating manual methods in favor of automatic API cataloging and protection.
API-Security

July 29, 2023

OpenAI's Privacy Fine Stresses Importance of Data Security Amidst AI Advancements

OpenAI's Privacy Fine Stresses Importance of Data Security Amidst AI Advancements

As we venture further into the age of artificial intelligence, the phrase "you can't put the genie back in the bottle" takes on profound significance. It describes a phenomenon that has become all too familiar with generative AI — once these systems learn and generate based on specific data sets, it's almost impossible to unlearn or retrieve that information. This means that if personal or sensitive data is accidentally fed into these systems, the potential for misuse or exposure becomes a looming threat that is virtually impossible to mitigate after the fact.
Generative AI

July 7, 2023

A Deep Dive Into API Security: Unpacking Traceable's Definitive API Security Guide

A Deep Dive Into API Security: Unpacking Traceable's Definitive API Security Guide

API-Security
Foundations

July 1, 2023

Data Loss Prevention in an API-Driven World

Data Loss Prevention in an API-Driven World

Preventing data loss has become incredibly challenging in an API-driven world. Companies lockdown sensitive data internally with access controls, encryption, data classification and data loss prevention (DLP) platforms. They typically safeguard web applications with application security tooling or Web Application Firewalls (WAF). Cloud Security is often implemented with dedicated secure access service edge (SASE) architectures, including cloud access security brokers (CASBs).
API-Security
Foundations

July 1, 2023

Unpacking OWASP’s API9:2023: Improper Inventory Management

Unpacking OWASP’s API9:2023: Improper Inventory Management

Discover the rising significance of API inventory in the evolving landscape of cybersecurity, as highlighted by the recently updated OWASP API Top 10. Our comprehensive blog discusses the crucial role API inventory plays in securing your digital assets, especially against the backdrop of escalating industry standards and regulatory requirements.
API-Security
Foundations

June 13, 2023

40% of Organizations Do Not Have an API Security Solution - Here's What That Means

40% of Organizations Do Not Have an API Security Solution - Here's What That Means

At the 2023 RSA Conference, a survey conducted by Traceable brought some troubling facts to the surface about how organizations are handling their API security — a theme that has become ground zero in cybersecurity circles.
API-Security
News

July 1, 2023

5 Cybersecurity Leaders to Follow in 2023

5 Cybersecurity Leaders to Follow in 2023

These are five cybersecurity leaders you should follow in 2023. Their contributions to the field have revolutionized our understanding of cybersecurity and paved the way for the next generation of cyber professionals.
API-Security
News

July 1, 2023

Why APIs are a Gateway for Credential Stuffing Attacks

Why APIs are a Gateway for Credential Stuffing Attacks

This informative piece is a must-read for decision-makers in the cybersecurity industry looking to bolster their defenses against API abuse and credential stuffing attacks."
API-Security

June 30, 2023

Recent MOVEit Exploits: SQL Injection to Web Shell to Data Exfiltration

Recent MOVEit Exploits: SQL Injection to Web Shell to Data Exfiltration

In the last few weeks, the security community has been shaken by a series of exploits targeting MOVEit, a popular file transfer software. These incidents have exposed critical vulnerabilities, allowing threat actors to compromise sensitive data and exploit organizations ranging from the BBS to several arms of the US Government.
API-Security
App Security
Breach Analysis
News

June 26, 2023

The Imperative of API Ownership: A Nexus of Development and API Security

The Imperative of API Ownership: A Nexus of Development and API Security

This blog delves into the transformative impact of API ownership on cybersecurity, arguing that security markedly improves when there is a defined owner who understands the API, its use cases, and potential vulnerabilities, and is accountable for its secure operation. API ownership, while requiring some organizational reorientation, is an investment in future-proofing against security breaches and a crucial component of an effective cybersecurity strategy.
API-Security
Foundations

June 21, 2023

OWASP API Security Top 10 List 2023 Refresh

OWASP API Security Top 10 List 2023 Refresh

API-Security
Company
Foundations
News
Releases

June 8, 2023

Key Takeaways from the 2023 Verizon Data Breach Investigations Report

Key Takeaways from the 2023 Verizon Data Breach Investigations Report

Explore the major findings from the 2023 Verizon Data Breach Investigations Report in our latest blog post. We delve into the rise of social engineering attacks, the human element in breaches, the most affected sectors, and the significance of web application attacks in today's cybersecurity landscape.
API-Security
App Security
Breach Analysis
News

June 7, 2023

Operationalizing Zero Trust for APIs: Pioneering Robust Cybersecurity Frameworks for the Future

Operationalizing Zero Trust for APIs: Pioneering Robust Cybersecurity Frameworks for the Future

Discover the future of cybersecurity with Traceable AI's groundbreaking API Security Reference Architecture and ZTAA solution. Understand how these innovative tools operationalize Zero Trust for APIs, ensuring robust protection in an era marked by increasing data breaches. Stay at the forefront of cybersecurity evolution with the industry's pioneering solutions.
Company
Releases

June 6, 2023

Generative AI and API Security: Innovate Safely by Protecting Data Now

Generative AI and API Security: Innovate Safely by Protecting Data Now

ChatGPT and other generative AI tools will transform business as we know it. However, enterprise teams need to move now to protect their sensitive data from being exposed, as it traverses APIs to answer user queries.
API-Security
Generative AI

May 17, 2023

The Double-edged Sword of Generative AI: Productivity Gain and Cybersecurity Risk

The Double-edged Sword of Generative AI: Productivity Gain and Cybersecurity Risk

API-Security
Generative AI

June 6, 2023

Intelligent Rate Limiting for API Abuse Prevention

Intelligent Rate Limiting for API Abuse Prevention

Enter Intelligent Rate Limiting - a more nuanced approach to securing your APIs. By leveraging AI and machine learning technologies, Intelligent Rate Limiting goes beyond merely counting requests. It observes and learns from patterns, understanding normal and abnormal request behavior, thereby distinguishing between legitimate traffic and potential threats.
News
Releases

April 27, 2023

Wiz + Traceable - Comprehensive API Security from Code to Cloud

Wiz + Traceable - Comprehensive API Security from Code to Cloud

Company
News
Releases

April 26, 2023

Traceable Introduces World’s First Zero Trust API Access (ZTAA) Solution

Traceable Introduces World’s First Zero Trust API Access (ZTAA) Solution

API-Security
Company
News
Releases

April 25, 2023

The Telecom Industry: Why APIs Are Becoming their Worst Nightmare

The Telecom Industry: Why APIs Are Becoming their Worst Nightmare

API-Security
Breach Analysis

March 28, 2023

How a Fintech Company achieved Context-Aware API Security to detect and block threats

How a Fintech Company achieved Context-Aware API Security to detect and block threats

API-Security

April 6, 2023

‘Dr. Zero Trust’ Chase Cunningham Joins Traceable as an Advisor

‘Dr. Zero Trust’ Chase Cunningham Joins Traceable as an Advisor

API-Security
Company
News

March 30, 2023

Cybersecurity Roundup for February 2023: T-Mobile Fallout, ChatGPT abuse, and Shopify's Hardcoded API Tokens

Cybersecurity Roundup for February 2023: T-Mobile Fallout, ChatGPT abuse, and Shopify's Hardcoded API Tokens

API-Security
Breach Analysis

March 2, 2023

FFIEC Compliance: The API Security Reckoning for Financial Institutions

FFIEC Compliance: The API Security Reckoning for Financial Institutions

API-Security

February 20, 2023

Zero Trust Pioneer John Kindervag Joins Traceable as an Advisor

Zero Trust Pioneer John Kindervag Joins Traceable as an Advisor

Company
News

March 14, 2023

Sensitive Data Exfiltration: The New Nemesis of API Security

Sensitive Data Exfiltration: The New Nemesis of API Security

API-Security
Foundations

February 14, 2023

Traceable Wins 2023 Devies Award for Best Innovation in API Security

Traceable Wins 2023 Devies Award for Best Innovation in API Security

API-Security
News

February 14, 2023

Traceable API Security Platform Update: End of 2022

Traceable API Security Platform Update: End of 2022

API-Security
Company
News
Releases

February 7, 2023

OWASP API Security Top 10 2023 RC Published

OWASP API Security Top 10 2023 RC Published

API-Security
News

February 14, 2023

Top Webinars of 2022: The Most Popular Sessions and Where to Find Them

Top Webinars of 2022: The Most Popular Sessions and Where to Find Them

API-Security

January 27, 2023

Webinar Recap: FFIEC Compliance and What It Means for API Security

Webinar Recap: FFIEC Compliance and What It Means for API Security

API-Security
News

January 27, 2023

Traceable Wins 2022 TMCnet Zero Trust Security Excellence Award

Traceable Wins 2022 TMCnet Zero Trust Security Excellence Award

Company
News

January 30, 2023

Cybersecurity Roundup for January 2023: API Attacks Front and Center

Cybersecurity Roundup for January 2023: API Attacks Front and Center

API-Security
Breach Analysis
News

January 31, 2023

T-Mobile's API Data Breach: The API Security Reckoning is Here

T-Mobile's API Data Breach: The API Security Reckoning is Here

API-Security
Breach Analysis

January 22, 2023

Why the Pentagon Needs to Factor in API Security to Establish a True Zero Trust Strategy

Why the Pentagon Needs to Factor in API Security to Establish a True Zero Trust Strategy

API-Security

January 12, 2023

A Modern Approach to API Governance: Challenges and Recommendations

A Modern Approach to API Governance: Challenges and Recommendations

API-Security
Foundations

January 10, 2023

How API Abuse Became the Top Vector for Data Breaches

How API Abuse Became the Top Vector for Data Breaches

API-Security
Breach Analysis
Foundations

January 18, 2023

The CircleCI Data Breach: The TLDR

The CircleCI Data Breach: The TLDR

API-Security

January 9, 2023

Shadow APIs: The New Form of Shadow IT

Shadow APIs: The New Form of Shadow IT

API-Security
Cloud Native

January 4, 2023

The HackerOne 2022 Report: Analysis and Insight on Modern Day Vulnerabilities

The HackerOne 2022 Report: Analysis and Insight on Modern Day Vulnerabilities

API-Security
Cloud Native
News

December 22, 2022

A Record Growth Year for Traceable: Milestones and Plans for 2023

A Record Growth Year for Traceable: Milestones and Plans for 2023

Company
News

December 21, 2022

How Jobvite Eliminated API Sprawl with Traceable’s API Security Platform

How Jobvite Eliminated API Sprawl with Traceable’s API Security Platform

API-Security
Cloud Native

December 19, 2022

Defense in Depth: A Guide to Layered Security

Defense in Depth: A Guide to Layered Security

This article will go over how defense in depth and layered security work as well as the benefits of using them.
API-Security
Cloud Native
Foundations
Technology

December 17, 2022

Top Data Breaches of 2022 and What they Mean for API Security

Top Data Breaches of 2022 and What they Mean for API Security

API-Security
Cloud Native
News

December 20, 2022

A Guide to Modernizing Legacy Applications

A Guide to Modernizing Legacy Applications

In today's post, we'll guide you through the modernization of your legacy application and determine if it's something you should implement.
Cloud Native
Foundations

December 17, 2022

NextRoll Gains 8x Visibility into APIs and Solves API Sprawl

NextRoll Gains 8x Visibility into APIs and Solves API Sprawl

API-Security
Cloud Native

December 1, 2022

Traceable Announces Commitment to Respecting Data by Becoming a 2023 Data Privacy Week Champion

Traceable Announces Commitment to Respecting Data by Becoming a 2023 Data Privacy Week Champion

API-Security
Company
Foundations
News

January 23, 2023

2023 Cybersecurity Predictions:API Security Q&A w/ Richard Bird

2023 Cybersecurity Predictions:API Security Q&A w/ Richard Bird

API-Security
Breach Analysis
News

December 7, 2022

How to Plan Your Cloud Security Architecture

How to Plan Your Cloud Security Architecture

In this post, you'll learn some essential tips and tricks about planning your cloud security architecture.
API-Security
Cloud Native
Foundations

December 6, 2022

The Business Case for API Security: Why API Security? Why Now?

The Business Case for API Security: Why API Security? Why Now?

API-Security
Breach Analysis
Foundations
Technology

December 2, 2022

Sensitive Data Leakage: Defined and Explained

Sensitive Data Leakage: Defined and Explained

API-Security
Cloud Native
Foundations

November 28, 2022

OWASP API Top 10 for Dummies: Part III

OWASP API Top 10 for Dummies: Part III

API-Security
Foundations

November 28, 2022

Cloud DLP: What It Is and Why It's Needed

Cloud DLP: What It Is and Why It's Needed

API-Security
Foundations

November 29, 2022

A Leader's Guide to Understanding and Preventing Bot Attacks

A Leader's Guide to Understanding and Preventing Bot Attacks

Many business leaders remain in the dark about the dangers of bot attacks. Let's learn about how they work, and tips for preventing them.
API-Security
Cloud Native
Foundations

November 12, 2022

Security Posture: A Leader's Guide to Evaluating and Improving It

Security Posture: A Leader's Guide to Evaluating and Improving It

Read on to discover what a security posture is and tips for strengthening your posture to prevent attacks from causing significant damage.
API-Security
Foundations

November 16, 2022

OWASP API Top 10 for Dummies: Blog Series, Part II

OWASP API Top 10 for Dummies: Blog Series, Part II

Welcome back to our blog series on the OWASP API Top 10! In Part II, we tackle Lack of Rate Limiting, Broken Function Level Authorization (BFLA), and Mass Assignment.
API-Security
Foundations

November 16, 2022

Black Friday Cybersecurity: Top 5 Insights from Traceable Chief Security Officer

Black Friday Cybersecurity: Top 5 Insights from Traceable Chief Security Officer

API-Security
Cloud Native
Foundations

November 17, 2022

API Abuse: Types, Causes, and How to Defend Against Them

API Abuse: Types, Causes, and How to Defend Against Them

API-Security
Foundations

November 7, 2022

Event Recap: API Security Innovation - A Security Executive Perspective

Event Recap: API Security Innovation - A Security Executive Perspective

API-Security
Company
News

October 21, 2022

9 Must-Know Data Security Threats and How to Combat Them

9 Must-Know Data Security Threats and How to Combat Them

API-Security
Cloud Native

November 1, 2022

OWASP API Top 10 for Dummies Part I

OWASP API Top 10 for Dummies Part I

API-Security
Cloud Native
Foundations

November 3, 2022

Scary Thoughts This Halloween: A World Without APIs!

Scary Thoughts This Halloween: A World Without APIs!

API-Security

October 31, 2022

Cybersecurity Roundup for 10.17.22: Text4Shell Apache, Microsoft Vulnerabilities, and more from Operation Cuckoobees

Cybersecurity Roundup for 10.17.22: Text4Shell Apache, Microsoft Vulnerabilities, and more from Operation Cuckoobees

API-Security
News

October 25, 2022

Jyoti Bansal Named Enterprise Security Tech Cyber Influencer

Jyoti Bansal Named Enterprise Security Tech Cyber Influencer

API-Security

October 25, 2022

Cybersecurity Roundup for 10.10.2022: Thoma Bravo Makes Another Acquisition, More API Vulns and a US Airport Cyberattack

Cybersecurity Roundup for 10.10.2022: Thoma Bravo Makes Another Acquisition, More API Vulns and a US Airport Cyberattack

API-Security
Breach Analysis
News

October 14, 2022

Cybersecurity Roundup for 10/7/2022: the Uber Conviction, LAUSD Ransomware Attack, and New CISA Rules

Cybersecurity Roundup for 10/7/2022: the Uber Conviction, LAUSD Ransomware Attack, and New CISA Rules

API-Security

October 7, 2022

Traceable Named a "Leader" in the 2022 GigaOm Radar for API Security

Traceable Named a "Leader" in the 2022 GigaOm Radar for API Security

API-Security

October 12, 2022

Traceable’s VP of Global Sales, Andrew Wesbecher, on Our Unique Approach to API Security

Traceable’s VP of Global Sales, Andrew Wesbecher, on Our Unique Approach to API Security

Traceable’s own Andrew Wesbecher discussed the importance of API security in the new, API-driven landscape of software development.
API-Security

October 5, 2022

Cybersecurity Roundup for 9.30.22: The Optus API Attack, Cyber Threats as Business Risk, and More Perspectives on the Uber Hack

Cybersecurity Roundup for 9.30.22: The Optus API Attack, Cyber Threats as Business Risk, and More Perspectives on the Uber Hack

API-Security
Breach Analysis

September 29, 2022

Cybersecurity Awareness Month 2022: New Theme, New Perspective

Cybersecurity Awareness Month 2022: New Theme, New Perspective

API-Security

October 2, 2022

Lessons from IBM's 2022 Cost of a Data Breach Report

Lessons from IBM's 2022 Cost of a Data Breach Report

Blog

September 2, 2022

Traceable Webinar Lineup for September: API Abuse, Data Breaches and API Security Testing

Traceable Webinar Lineup for September: API Abuse, Data Breaches and API Security Testing

API-Security

September 15, 2022

Traceable Adds API Security Testing to it’s Platform

Traceable Adds API Security Testing to it’s Platform

API-Security
Releases

August 31, 2022

Traceable Customer Story: Informatica Tackles API Sprawl and Threat Protection at Enterprise Scale

Traceable Customer Story: Informatica Tackles API Sprawl and Threat Protection at Enterprise Scale

No items found.

September 13, 2022

API Failure: 7 Causes and How to Fix Them

API Failure: 7 Causes and How to Fix Them

Even with essential safeguards in place, websites can be vulnerable. Let's learn what an API failure is, what causes them and how to fix them.
API-Security

September 12, 2022

API Exploits: What Every IT Professional Needs to Know

API Exploits: What Every IT Professional Needs to Know

API-Security

August 23, 2022

API Sprawl: What It Is and Why You Should Care

API Sprawl: What It Is and Why You Should Care

API-Security

August 22, 2022

Black Hat 2022 Recap: API Security and Data Security Top the List

Black Hat 2022 Recap: API Security and Data Security Top the List

API-Security

August 16, 2022

Traceable Tackles Deeper Data Protection Use Cases with Latest API Security Platform Update

Traceable Tackles Deeper Data Protection Use Cases with Latest API Security Platform Update

API-Security
Company
Releases

August 9, 2022

Anatomy of an API Attack: Applying the MITRE Knowledge Base to API Threat Modeling

Anatomy of an API Attack: Applying the MITRE Knowledge Base to API Threat Modeling

MITRE takes a step back and looks at the behavior of an attacker instead of just a specific signature or IP address. It looks from the attacker perspective and discerns the behavior.
API-Security

June 16, 2022

RSA 2022 Conference Recap: API Security, Cloud Security and Consolidation Were Top Themes

RSA 2022 Conference Recap: API Security, Cloud Security and Consolidation Were Top Themes

This year’s RSA Conference was the first time that API Security became a primary focus.
API-Security

June 13, 2022

OWASP crAPI: Introducing API Security the Hacker Way

OWASP crAPI: Introducing API Security the Hacker Way

Shift left is not just about shifting your tools and process but the knowledge as well.
API-Security

June 6, 2022

Traceable Launches Enhanced API Catalog -- the industry’s only solution for API discovery, risk posture management, and compliance

Traceable Launches Enhanced API Catalog -- the industry’s only solution for API discovery, risk posture management, and compliance

API-Security
Company
Releases

May 28, 2022

Traceable AI’s Renata Budko Reflects on Cybersecurity Career Accomplishments and Vast Opportunities for Other Women

Traceable AI’s Renata Budko Reflects on Cybersecurity Career Accomplishments and Vast Opportunities for Other Women

To stay relevant as a cybersecurity professional, you need to understand the microservices and what are the changes in architectures and APIs and how they can be attacked.
API-Security
Company

May 9, 2022

Striking a Proper Balance: Why Comprehensive API Security Requires Both Agentless and Agent-Based Data Collection

Striking a Proper Balance: Why Comprehensive API Security Requires Both Agentless and Agent-Based Data Collection

Agents-based gathering methods have evolved and matured to listen for and record deeper and wider to ascertain more data-driven insights and analysis.
API-Security

May 10, 2022

Traceable Enters Next Phase of Growth to Deliver Hyperscale API Security

Traceable Enters Next Phase of Growth to Deliver Hyperscale API Security

We will continue to invest in  building unassailable API security that operates at hyperscale for complete API discovery, posture management, protection, and operational analytics.
API-Security
Company

May 3, 2022

APISecure: The First API Security Conference Makes Its Debut on the World Stage

APISecure: The First API Security Conference Makes Its Debut on the World Stage

Cyberspace is the ultimate equalizer where it doesn’t matter how much money or resources a company has, everyone is equally vulnerable to a breach.
API-Security

April 3, 2022

Shadow APIs require a search light of discovery

Shadow APIs require a search light of discovery

Organizations must understand all the APIs in their ecosystems, as well as the specific risks associated with each of them to both detect and protect against attacks.
API-Security

April 5, 2022

Shields up against Spring4shell attacks - Traceable AI Quick Start Guide

Shields up against Spring4shell attacks - Traceable AI Quick Start Guide

Spring4shell vulnerability (CVE-2022-22965) enables Remote Code Execution when using the Spring Framework
App Security

April 8, 2022

Building an API Security Solution Framework

Building an API Security Solution Framework

The beginning of defining a framework for what requirements a good API security solution should meet. Intended to encourage a healthy discussion and be a tide that lifts all boats in getting to a more secure API-driven future.
API-Security

April 9, 2022

Spring4shell vulnerability (CVE-2022-22965) enables Remote Code Execution when using the Spring Framework

Spring4shell vulnerability (CVE-2022-22965) enables Remote Code Execution when using the Spring Framework

Spring4shell vulnerability (CVE-2022-22965) enables Remote Code Execution when using the Spring Framework
App Security

April 4, 2022

My Design Internship at Traceable.ai

My Design Internship at Traceable.ai

I am grateful that I was entrusted with a role, which helped me grow as a designer.
Company

March 25, 2022

January Software Release - Kicking off the New Year

January Software Release - Kicking off the New Year

It’s January and we kicking off the new year with a new set of features aimed at improving application security for our customers. Traceable AI has released a range of new features and deployment options with the continued aim to help our customers to have the best API security solution on the market.
Releases

February 16, 2022

Bigger Organizations Have Multiple Attack Surfaces

Bigger Organizations Have Multiple Attack Surfaces

Nowadays, protecting within the organization is table stakes, and we have to go beyond the four walls, we have to go and make sure that not only do we protect our organization, we also have to consider the ecosystem of our partners, the supply chain consisting of other third parties. These third parties and multiple stakeholders are going to interact with our systems, and we are going to interact with their systems using APIs. So, when we start interacting with APIs, cloud and SaaS models, the overall system is no longer within four walls or defined boundaries.
API-Security

March 1, 2022

Instant Log4j protection. Shield and hunt with Traceable AI

Instant Log4j protection. Shield and hunt with Traceable AI

A look at the challenges teams face with mitigating Log4j vulnerabilities (i.e. Log4Shell) and how Traceable AI closes those gaps.
API-Security
App Security

December 28, 2021

API vs Webhooks: How to Know When to Use Each

API vs Webhooks: How to Know When to Use Each

Applications on the internet today rely a lot on third-party integrations. And why shouldn't they, when it helps developers focus more on the core product than tangling with different features? For instance, you could use a simple tool to handle your email marketing campaigns, or you could use a third-party payment provider to handle all the payments on your website.
Developer
Foundations

January 5, 2022

Traceable AI Protects Against the Log4j / Log4Shell Vulnerabilities

Traceable AI Protects Against the Log4j / Log4Shell Vulnerabilities

The new Log4j vulnerability (Log4Shell) has gotten the Internet up in arms. There are active exploits and scanning for the vulnerability is rampant. The vulnerability is widespread and will take time to resolve everywhere. Here's how can Traceable AI help.
API-Security
App Security

December 13, 2021

No Results Found

API Inspector
API Security Ownership
Blog
Technology
PCI DSS Compliance
Observability
LLM
Foundations
Developer
API Sprawl
Fraud
Security Research
Breach Analysis
News
Generative AI
Company
Traceable ASPEN
State of API Security
Releases
App Security
API-Security
Cloud Native

The Regulators Are Coming for Your Washing Machine App

The Product Security and Telecommunications Infrastructure (PSTI) Act 2022 and the Security Requirements for Relevant Connectable Products Regulations 2023 are setting new standards for IoT device security in the UK. These regulations mandate manufacturers to secure hardware, software, and APIs against breaches, prohibit default passwords, ensure secure storage of API keys, and implement vulnerability management processes. Learn how these laws impact IoT manufacturers and the steps needed for compliance.

July 30, 2024

Service Now RCE - The Three Keys to ServiceNow's Data Vault

ServiceNow recently patched critical vulnerabilities (CVE-2024-4879, CVE-2024-5178, CVE-2024-5217) that allow remote code execution and sensitive file reads. Exploits involve server-side template injection using Apache Jelly. Traceable has deployed protection mechanisms to safeguard against these threats.

September 3, 2024

Who Owns API Security? Introducing the Key Players

In modern application development, APIs (Application Programming Interfaces) are pivotal for connectivity and functionality. However, with their rising usage, API security risks also escalate. Ensuring API security isn't the duty of a single individual or team; it necessitates collaboration among multiple stakeholders. From CISOs to heads of enterprise architecture and product security, this blog delves into the key players and their roles in crafting a robust API security program.

July 18, 2024

Traceable API Security Platform Updates - June & July 2024

This past month’s releases include major improvements to data classification, UX improvements for API catalog, AST changes, and a new threat activity UI for improved visibility and more efficient analysis.

Recent Posts

Securing Generative AI-Enabled Applications: Crawl - Walk - Run Strategy for Product Security

September 6, 2024

Service Now RCE - The Three Keys to ServiceNow's Data Vault

September 3, 2024

How 1 Exposed Honeywell API Gave us Control Over an Internal Engineering System

August 19, 2024

Organizing API Security Around the NIST Cybersecurity Framework

August 2, 2024

The Regulators Are Coming for Your Washing Machine App

July 30, 2024

Navigating the Road to Automotive Security

July 23, 2024

API Security

View All Blogs
arrow

Organizing API Security Around the NIST Cybersecurity Framework

Explore how the NIST Cybersecurity Framework 2.0 can revolutionize your API security strategy. This guide outlines key functions and activities for securing APIs, including risk identification, protection measures, real-time detection, incident response, and recovery processes. Enhance your organization's API security posture and protect critical data with actionable insights and best practices.

August 2, 2024

API Security: What Every Developer Needs to Know

APIs are the backbone of modern apps. Learn crucial API security principles to defend against OWASP Top 10 vulnerabilities, implement robust authentication, and ensure data protection.

April 19, 2024

API Summit 2024: Security Challenges, AI, and What's Next

API security isn't always top of mind. Here's what I learned about the challenges and the latest trends from the API Summit.

March 28, 2024

Context-Aware Security as the Key Driver for Enhancing API Security in 2024

APIs are evolving, and so is API security. Context-aware security analyzes user behavior, data sensitivity, and environmental factors for real-time threat responses. Discover why it's the future of API protection in this comprehensive blog post.

March 17, 2024

Traceable ASPEN

View All Blogs
arrow

Service Now RCE - The Three Keys to ServiceNow's Data Vault

ServiceNow recently patched critical vulnerabilities (CVE-2024-4879, CVE-2024-5178, CVE-2024-5217) that allow remote code execution and sensitive file reads. Exploits involve server-side template injection using Apache Jelly. Traceable has deployed protection mechanisms to safeguard against these threats.

September 3, 2024

Service Now RCE - The Three Keys to ServiceNow's Data Vault

ServiceNow recently patched critical vulnerabilities (CVE-2024-4879, CVE-2024-5178, CVE-2024-5217) that allow remote code execution and sensitive file reads. Exploits involve server-side template injection using Apache Jelly. Traceable has deployed protection mechanisms to safeguard against these threats.

September 3, 2024

How 1 Exposed Honeywell API Gave us Control Over an Internal Engineering System

APIs are essential for modern web applications, but they also introduce significant security challenges. Even large enterprises can fall prey to simple API vulnerabilities, as demonstrated by Traceable's discovery of a critical security flaw in Honeywell’s BEDQ system. This incident underscores the importance of robust API security measures.

August 19, 2024

Navigating the Road to Automotive Security

In today's connected world, automobiles are complex systems driven by APIs, but this brings risks; Traceable ASPEN's latest research highlights urgent automotive security needs by analyzing recent vulnerabilities, including real-time vehicle tracking and data breaches.

July 23, 2024

Product Updates

View All Blogs
arrow

Traceable API Security Platform Updates - June & July 2024

This past month’s releases include major improvements to data classification, UX improvements for API catalog, AST changes, and a new threat activity UI for improved visibility and more efficient analysis.

December Software Release

December was an extremely busy month for Traceable as we worked with customers to protect their environments from the Log4Shell vulnerability.

February 15, 2022

Traceable API Security Platform Updates - May 2024

Traceable, a leading API security platform, has released major updates in May 2024, including new compliance policies and issues dashboard, fine-grained filters for targeted API security testing, and enhancements to credential stuffing and volumetric attack detection. These updates empower organizations to maintain API compliance, conduct targeted security testing, and combat advanced API threats effectively.

June 20, 2024

March | Traceable AI Feature Release

Stay current with new developments from Traceable AI; including, local hosting for EU/Asia and support for agentless deployments.

April 6, 2022

February | Traceable AI Feature Release

Stay current with new developments from Traceable AI; including, new support for AWS Lambda serverless architecture and new privacy features for managing sensitive data.

March 18, 2022

Traceable Defense AI M8 Released

Easier deployment process, extended agent support, extended API Intelligence, easier to find problems, protection additions, improved UX around threat hunting, ability to isolate per environment

April 11, 2021

The Inside Trace

Subscribe for expert insights on application security.

Thanks! Your subscription has been recorded.

or subscribe to our RSS Feed

WHY TRACEABLE
Why TraceableOur CustomersOur PartnersAbout TraceableIn the NewsRequest DemoCompare Traceable
PLATFORM
API DiscoveryAttack ProtectionAttack DetectionFraud and Bot SecurityAPI Testing
USE CASES
API DiscoveryShift Left SecuritySensitive Data ExfiltrationAccount TakeoverBot MitigationIncident ResponseData Privacy and Compliance
RESOURCES
OverviewRelated API Resources BlogWebinarsCustomer Peer ReviewsCase StudiesWhite PaperDatasheetsDocumentationCustomer Success & Support
COMPANY
Sign In CareersPressPress KitASPEN LabsCustomer SupportSecurity and ComplianceLegalPrivacy Policy

© 2024 Traceable Inc.

548 Market Street PMB 83903, San Francisco, CA 94104-5401