Skip to content

AppSec Observer: APIs

Contrast's application security blog provides the latest trends and tips in DevSecOps through instrumentation and security observability.

Subscribe Now
    Topics
    Cybersecurity Insights with Contrast CISO David Lindner | 3/29/24

    Cybersecurity Insights with Contrast CISO David Lindner | 3/29/24

    Insight #1 According to Google, zero days being exploited in the wild jumped 50% last year. I just don't understand..

    Cybersecurity Insights with Contrast CISO David Lindner | 3/22/24

    Cybersecurity Insights with Contrast CISO David Lindner | 3/22/24

    Insight #1 Things are well and good in the hacker community, as they are now attacking critical water systems. But..

    Contrast discovers MLflow framework zero-day that threatens to poison machine language models

    Contrast discovers MLflow framework zero-day that threatens to poison machine language models

    Most Machine Language (ML) tools — including the development frameworks used for managing ML life cycles — are..

    The evolution of island hopping

    The evolution of island hopping

    Cyber Bank Heists report sheds light on the evolution of island-hopping cyber threats This year’sCyber Bank Heists..

    Cybersecurity Insights with Contrast CISO David Lindner | 12/16

    Cybersecurity Insights with Contrast CISO David Lindner | 12/16

    Insight #1 " Lobbying from ITIC has pushed back on the recent OMB 22-18 directive to require self-attestations and..

    Building a modern API security strategy — API protection

    Building a modern API security strategy — API protection

    Part four of the five-part series, Building a modern API security strategy.

    Building a modern API security strategy — API components

    Building a modern API security strategy — API components

    Part three of the five-part series, Building a modern API security strategy.

    Building a modern API security strategy: A five-part series — Overview

    Building a modern API security strategy: A five-part series — Overview

    The Spring4Shell exploit was, really, quite elegant.

    Feeble APIs = Feeble app security

    Feeble APIs = Feeble app security

    Your apps are only as secure as each one of your scores of APIs.