Announcing our newest product - Recon
Dozens of masterclasses taught by the people who know API security best
API Security is a programmatic approach to protecting APIs from the unique security risks and vulnerabilities that traditional AppSec tools don't address.
Learn what Dynamic Application Security Testing (DAST) is, discover the benefits and limitations, and uncover what makes DAST different than other methods.
Discover what Static Application Security Testing (SAST) is and get answers to FAQs around how SAST works, the difference between SAST vs DAST, and more.
Software Composition Analysis (SCA) is a process which identifies precisely what has been used in a piece of software. Learn everything you need to know.
The OWASP API Top 10 is a classification of the most common API vulnerabilities. Understand the biggest threats facing APIs and how to get prepared.
Though API gateways provide basic API security controls, they unfortunately are not enough to adequately protect your business from API specific threats.
A Web Application Firewall is a security device designed to protect at the application level. Get answers to what a WAF does, how it works, and more.
Learn what OpenAPI is, what it does, and how it works. We'll also explore some of the more notable reasons developers turn to the OpenAPI standard.
Noname Security provides unmatched API protection when compared to runtime protection solutions from Cequence, Prisma Cloud, Imperva, and more.
Discover how Noname Security provides superior API protection when compared to web application firewalls (WAFs) and API gateways.
See why Noname is the preferred API security vendor when compared to tools that only test APIs like those from 42Crunch, API Clarity, and more.
Evaluate legacy application security tools from Salt, Traceable, Wallarm, and more, against the best-in-class API protection from Noname Security.
Application programmable interfaces, or APIs, are vital for digital transformation. Learn what APIs are, what they do, and why protecting them is critical.
Broken Object Level Authorization is the top API security vulnerability according to OWASP. Learn how serious the threat is and how to defend against it.
Discover how the latest API security best practices enhance your API security posture and enable you to mitigate a great proportion of API risk.
Without proper safeguards, REST APIs represent a vulnerable attack surface. Explore the most common and effective countermeasures against threats.
Business logic maps how the various parts of a business work together in real life. Discover why many applications rely on it in order to work correctly.
Securing application programming interfaces (APIs) can be challenging. Use this checklist to establish best practices and identity areas for improvement.
GraphQL is a query language for APIs that allows you to express requests concisely. Learn why its popular among developers working on large-scale web apps.
Learn what microservices are, how they help improve application functionality, and enable developers to easily create and maintain software applications.
Learn how the right plans can help you continue its operations in the event of a major disruption, such as a natural disaster or security incident.
Learn what an API call is, what the most common types of API calls are, as well as how best to keep them secure against malicious threats.
Learn what a denial of service attack is, the types of attacks, how they are conducted, and how to protect your organization against them.
Learn the difference between modern API security testing tools and traditional application security solutions like DAST, SAST, IAST, and SCA.
Discover how attackers exploit weaknesses in API user authentication to compromise accounts and make API requests as if they were a legitimate user.
Learn what API security testing is, why it's important, and the vulnerabilities it can uncover. Get recommendations on optimal testing times and methods.
Learn what API discovery is, why it's important, and why having an accurate inventory of your all your API's is paramount to secure your environment.
Excessive data exposure ranks 3rd on the list of OWASP Top 10 API security risks. Learn what it is and how to reduce the excessive data exposure in APIs.
Discover why API runtime protection the foundation for identifying and blocking threats to your APIs. Learn techniques like anomaly detection and more.
Learn about Simple Object Access Protocol (SOAP), what it does, where it can be effective, and the vulnerabilities it can potentially create for APIs.
APIs handle significantly higher volumes of requests at different times. To meet increases in traffic, admins have two choices when it comes to scaling.
A load balancer functions like a network “traffic cop,” routing client requests, such as for web page views, to the servers that fulfill those requests.
Lack of resource and rate limiting ranks 4th on the list of OWASP Top 10 API security risks. Learn what it is and how to protect your APIs.
Attack vectors are methods or pathways hackers use to gain illegal access to a computer, system, or network to exploit system vulnerabilities.
Using JSON-RPC, an application can send a message to another application requesting that it perform a function, such as the processing of data.
API authentication is critical for API security. It is a process that verifies the identities of users who want access to an API.