Escape - The API Security Blog (Page 2)

Escape vs Salt Security

Discover why Escape is a better API security solution.

How API Security Fits into DORA Compliance: Everything You Need to Know

With over 22,000 financial institutions and IT service providers now affected, the Digital Operational Resilience Act (DORA) represents an important shift in cybersecurity for the EU’s financial sector. DORA forces tighter collaboration between regulators, financial institutions, and third-party vendors. It’s not just about protecting internal systems anymore

Product updates

Product Updates: Escape’s Advanced Jira Integration - Send Remediation Details to Your Developers

We’re thrilled to introduce Escape’s advanced Jira integration! Bridging the gap between security and development has never been easier.

API Security

Escape vs Cequence Security

Discover why Escape is a better API security solution.

The Elephant in AppSec

A Future of Security Free from CNAPP - Keynote Interview with James Berthoty

Learn why CNAPP may be failing security teams and explore the future of cloud security.

Pentesting

What are the actual benefits of pentesting? Insights from Harsh Modi

This blog is based on our conversation with Harsh Modi, Senior Security Engineer at Bell. It explores what are the benefits of pentesting, and its real-world implications.

Shift left

Why ‘Shift-Left’ Isn’t Good Enough? Our conversation with Chris Romeo

This blog is based on our conversation with Chris Romeo, founder of Devici, an AI-infused collaborative threat modeling tool. It explores how "shift-left" may be a useful tool in the security toolkit, but it’s far from the only one.

Product updates

Product Updates: Persisted GraphQL Query Support

You can now test the security of persisted GraphQL Queries with Escape's platform. This new capability enhances our GraphQL API security testing by providing deeper insights into vulnerabilities specific to persisted queries, enabling your team to protect your APIs from targeted attacks better. We support the following formats:

API Security

Escape vs Rapid7

Discover why Escape is a better API security solution.

API Security

Escape vs Noname Security (recently acquired by Akamai)

Discover how Escape helps implementing API Security faster and with lower overhead than traffic-based solutions like Noname Security.

Product updates

Our Latest Product Updates

We’re constantly improving our product for our customers. See the latest features, improvements, and fixes we have shipped over the past month. Customize your compliance view Last month we shipped a new feature designed to enhance your compliance management experience. It allows you to hide irrelevant compliance frameworks from

API Discovery

How Escape’s agentless API discovery technology works

Discover what makes Escape's agentless API discovery technology truly innovative.

API Security

Reinventing API security: Why Escape is better than traditional DAST tools

We have been doing API Security wrong. Discover how the limitations of DAST API security tools might impact your security and why Escape's technology is the best way to protect your APIs.

API Security

Reinventing API security: Why Escape is better than traditional traffic-based tools

We have been doing API Security wrong. Discover how the limitations of traffic-based API security tools might impact your security and why Escape's agentless technology is the best way to protect your APIs.

API Security

The State of GraphQL Security 2024

Insights from 13,000 GraphQL API issues: Read our deep dive into the current state of GraphQL security.

API Security

Introducing the API Threat Landscape, a new resource for API security researchers

Since 2022, Escape's security research team has been tracking API-related data breaches. We’ve decided to make our database public, providing detailed insights into primary attack vectors, threat actors, tools, and techniques. The database is updated every two weeks.

Podcast

AI Security: How Hard Is It to Develop Secure AI?

This blog is based on our conversation with Rob van der Veer, Senior Principal Expert at the Software Improvement Group. It explores the complex challenges of developing secure AI systems and the critical role of governance and role segregation in AI security.

Product updates

Product updates: Automated schema generation

We are excited to introduce our latest feature: automated schema generation for all your discovered APIs. Having an OpenAPI Specification (OAS) is beneficial because it provides a standardized, machine-readable format for documenting RESTful APIs, promoting clarity and consistency across different services. with an OAS, developers can leverage a plethora of

API Security

Limitations of current automatic specification generation tools

Have you ever wondered how automatic specification generation can streamline API security scanning? By significantly reducing the manual effort involved in creating and maintaining API specifications, automated tools offer clear benefits in terms of scan accuracy and setup time. Yet, many existing tools on the market have notable limitations. Understanding

API Discovery

Why API Discovery is Important for Financial Companies

Discover the role of APIs in the financial sector, and how API discovery ensures security, compliance, and efficiency in financial services.

Data breaches

Twilio's Authy Breach: The Attack via an Unsecured API Endpoint

A recap of Twilio's Authy app breach, which exposed 33 million phone numbers. Including the impacts, lessons learnt and recommendations to enhance your security.

Case Study

Case Study: How Escape helps the French Football Federation secure the development of its online services

Discover how Escape secures the development of the online services of the French Football Federation.

Best Practices

An Analysis of Kuppinger Cole’s Selection Criteria for API Management and Security

Discover how Escape fits the Kuppinger Cole selection criteria of API Management and Security Solutions.

Webinar recap

Webinar recap: How to build relationships with developers?

Join our guest expert, Dustin Lehr, to learn how to earn developers' respect, introduce gamification, and get issues fixed in a security context.

Case Study

Étude de cas : Comment Escape aide la Fédération Française de Football à sécuriser le développement de ses services en ligne

La Fédération Française de Football (FFF) est l'instance dirigeante du football en France, supervisant tous les aspects du sport, des niveaux amateurs aux ligues professionnelles. Pour accomplir sa mission de promotion et de développement du football, la FFF s'appuie sur des plateformes numériques et des API