API security

API security is the cornerstone of a connected business’ identity and access management strategy. As more apps move into the cloud and connections between services become standard, APIs drive business growth, connect clients with their customers, and stimulate technological advancement. A comprehensive strategy for APIs requires thoughtful security measures.

What Is a Data Breach?

A data breach happens when cybercriminals gain unauthorized access to a system or network, allowing them to search for sensitive data pertaining to a business and its customers, and using it to extract some form of illegal value. Attackers might sell this data on the dark web, directly engage in fraud, hold the information for ransom, or use it to…

API Security Threats in the Real World

When we think of compromised API security, we typically see an image of a hoodie-wearing hacker toiling away in a darkened room, targeting a bank’s server. We can imagine them compiling a custom tool, launching it against the system, and celebrating as your 401k becomes theirs. Alternatively, we may even picture armies of hackers using…

5 Approaches to API Security

The goal when implementing API security is to safely ensure the right people and systems have access to the right things to accomplish their task in the shortest time necessary. In this blog we’ll take a quick look at the pros and cons of the 5 approaches to API security described in greater detail within our white paper, API Security from…

OAuth: When Things Go Wrong

Picture this: you sign up for a new app, and it asks if any of your friends are using it. In order to find out, the app asks for your email address...and your password. While it seems ludicrous now, this was once considered a normal user flow. But many apps still need permissions from third-party programs. And if users can’t do this safely, they…

Using SIEM and Identity to Protect Against Data Breaches

“We are what we repeatedly do“ is a common paraphrase of Aristotle—though if he were around today, his sentiment might be more like “we are what we search, click, or connect to.” As security professionals well know, there’s a lot to learn from how we use technology. The interactions between users, applications, networks, devices, and APIs all…

The Connective Tissue: How APIs Drive Business Growth

Most of the pivotal developments in human history have facilitated better connection. From written language to the Gutenberg printing press, whenever we improve our communication, society as a whole leaps forward. In the digital era, the internet revolutionized our lives by enabling instant global communication. This paved the way for what could…

GDPR, Privacy and Consent Management: How Okta Can Support Your CIAM Requirements

Beginning on May 25, 2018, the General Data Protection Regulation (GDPR) became officially enforceable. This new regulation is now top of mind for any organization storing and processing EU citizen data. Consumer-facing apps and sites are of particular sensitivity. The challenge is that while the GDPR provides guidelines for compliance, it is not…

Archive