Skip to content

AppSec Observer: APIs

Contrast's application security blog provides the latest trends and tips in DevSecOps through instrumentation and security observability. Learn about real-world insight and “in-the-trenches” experiences on topics ranging from application and information security to DevOps and risk management.

Subscribe Now
    Topics
    Contrast discovers MLflow framework zero-day that threatens to poison machine language models

    Contrast discovers MLflow framework zero-day that threatens to poison machine language models

    Most Machine Language (ML) tools — including the development frameworks used for managing ML life cycles — are..

    The evolution of island hopping

    The evolution of island hopping

    Cyber Bank Heists report sheds light on the evolution of island-hopping cyber threats This year’sCyber Bank Heists..

    Cybersecurity Insights with Contrast CISO David Lindner | 12/16

    Cybersecurity Insights with Contrast CISO David Lindner | 12/16

    Insight #1 " Lobbying from ITIC has pushed back on the recent OMB 22-18 directive to require self-attestations and..

    Building a modern API security strategy — API protection

    Building a modern API security strategy — API protection

    Part four of the five-part series, Building a modern API security strategy.

    Building a modern API security strategy — API components

    Building a modern API security strategy — API components

    Part three of the five-part series, Building a modern API security strategy.

    Building a modern API security strategy: A five-part series — Overview

    Building a modern API security strategy: A five-part series — Overview

    The Spring4Shell exploit was, really, quite elegant.

    Feeble APIs = Feeble app security

    Feeble APIs = Feeble app security

    Your apps are only as secure as each one of your scores of APIs.