Security News

New Microsoft Graph APIs released today in public preview allow developers and IT professionals to manage Windows 10 updates and expedite Windows 10 security updates in enterprise environments. "By connecting deployment service capabilities with Microsoft Graph, app developers can easily build rich update management tools and extend these experiences with contextual user data," Microsoft Principal Program Manager David Mebane explained.

Security researcher David Sopas has published a new open-source project: MindAPI, a mind map with resources for making API security research easier. "After years of using it, I decided to implement my API security research experience and apply it on something that I could share not only with the infosec community, but also with developers."

OneCloud announced the Anaplan BizApp to support Anaplan Transactional APIs, expanding the company's Anaplan integration connector. Launched in September 2020, Anaplan Transactional APIs enable users to read and write granular data, quickly zero in on the precise data they need, exactly when they need it, and deliver deeper insights into their workspaces and models.

Data Theorem introduced Cloud Secure, application-aware full stack cloud security product with attack surface management for protecting data in cloud-native apps, API services and serverless cloud functions. As Data Theorem's latest product powered by Analyzer Engine, Cloud Secure is available to identify and remediate potential data breaches found in public cloud services used to power today's modern web and mobile applications.

There are major gaps in API security based on insights from over 100 senior security leaders at large enterprises in the United States and Europe, an Imvision report reveals. With 9 out of 10 security leaders naming API security as a priority, survey results indicate a consensus among professionals that the shift to the cloud and expansive adoption of APIs have created a new layer of technology that requires dedicated attention.

Corsair M360 announced its HENOTIC API management platform. HENOTIC is engineered to deliver next-generation capabilities to companies tackling the digital integration challenges among clouds, applications, data, and infrastructure.

PlusOne Solutions launched its open Application Programming Interface for Customers looking to create a unified method for managing their Service Network compliance data and compliance programs. The PlusOne Solutions API allows for the communication of multi-layered compliance information including Contractor, sub-contractor, and contractor employee levels to ensure a full view of the network's compliance and risk information.

Calix announced a significant update to AXOS which expands infrastructure APIs to enable full modularity across network functions. As new services proliferate and network demand increases, the pace of new service rollouts is accelerating across markets.

Index Engines released an API-based developer's kit to support the integration of CyberSense software's analytics and reporting into third-party backup and storage platforms. CyberSense can directly index files in backup images, including Dell EMC NetWorker/Avamar, Veritas NetBackup, IBM Spectrum Protect, and Commvault without the need to rehydrate the data.

The Knight Ink vulnerability research study details findings, and also notes that the results are particularly worrisome given the increased reliance on mHealth apps during the global pandemic, which in turn is drawing threat actors to mHealth apps as an attack surface of choice. "Observers with Pew Research noted that mHealth apps are now generating more user activities than other mobile device apps such as online banking and job searching. Observers also note that patient IDs and PHI are more lucrative in dark web markets than credit card data."