Security News
IPinfo announced it built and launched Host.io, a rich and powerful domain name data API. The site collects data on every known domain name, from every TLD, and updates every month. Host.io's data includes DNS records and website data for each of the domains.
Single sign on provider Okta is opening its platform to third-party developers with a new Okta Devices SDK and an accompanying API that it said will allow developers to "Leverage the power of Okta Verify to build customized, secure, and seamless login experiences for their customers." Announced at Okta Showcase 2020, the new SDK was built for a mobile-first world that Okta said requires organizations to constantly deliver new bespoke and custom-tailored experiences for customers.
Three immediate steps to take to protect your APIs from security risksUndermining the power of an API-driven development methodology are shadow, deprecated and non-conforming APIs that, when exposed to the public, introduce the risk of data loss, compromise or automated fraud. Nowadays, companies not only invest in IT security solutions, but also in the training of their employees with the goal of making them more conscious of security issues.
Anyscale announced Ray 1.0, the latest version of the Ray open source project. Ray 1.0, which provides a universal serverless compute API and an expanded ecosystem of libraries, was shared with attendees at the first annual Ray Summit, along with the announcement of the private beta of Anyscale's managed Ray platform.
If there's no larger, cohesive conversation, then various development and operational teams could be taking conflicting approaches to mitigating API security risks. To improve an organization's API security posture, it's critical that outstanding questions are asked and answered immediately so that gaps in security are reduced and closed.
Twitter developers are being warned of a security bug that may have exposed their applications' credential information - including sensitive application keys and access tokens. These applications allow Twitter users to incorporate multiple platforms into their Twitter account - for instance, OutTwit, a Windows application, allows users to access Twitter via Outlook.
Twitter developers are being warned of a security bug that may have exposed their applications' credential information - including sensitive application keys and access tokens. These applications allow Twitter users to incorporate multiple platforms into their Twitter account - for instance, OutTwit, a Windows application, allows users to access Twitter via Outlook.
Twitter last week started sending emails to developers to inform them of a vulnerability that might have resulted in the disclosure of developer information, including API keys. Designed to provide developers using the Twitter platform and APIs with access to documentation, community discussion, and other type of information, the portal also offers app and API key management functionality.
Volterra announced new capabilities for its VoltMesh service to provide globally distributed networking and security for cloud-native, API-centric applications. The Gartner report Ensure Your API Management Solution Supports Modern API Trends Such as Microservices and Multicloud states, "Gartner's 2019 API Strategy and Usage Survey found that 45% of surveyed organizations reported using microservices architecture to build APIs".
Application security testing company GrammaTech announced on Wednesday that it has released an open source tool designed to detect API usage errors. The tool, named SWAP Detector, was developed as part of a research project sponsored by the U.S. Department of Homeland Security and GrammaTech says it can be highly useful for DevOps application security testing.