AppSec - Escape - The API Security Blog

[Webinar] How to secure modern, cloud-native applications with Escape and Wiz

Learn from Escape and Wiz’s joint customer, Sr. AppSec Manager Seth Kirschner at DoubleVerify, on how to leverage the Escape x Wiz integration for code-to-cloud security.

Application Security

Building security training for developers in 2024: Is it really worth it and how to proceed?

If you're a security engineer, the chances that you've struggled with your development team to implement secure coding practices are high. If you don't have the right culture in your organization, it might be even harder. Developers consider you as an adversary, rather than

API Security

Webinar: Best Practices for API security

Learn the ins and outs of keeping your APIs secure.

Application Security

What is business logic, and why it's important for application security

Is understanding business logic a critical component of application security? Absolutely. In the world of cybersecurity, business logic is more than just a set of operational directives. It serves as the crucial bridge between an application's technical function and its alignment with strategic business goals. More than that,

API Security

Escape API Security Checklist

Are you looking to make your API security program stronger? Do you sometimes find it challenging to spot and address security vulnerabilities effectively? You're not alone! Many security professionals like you face challenges in improving API security because technology and cyber threats keep changing. This makes ensuring strong

AppSec

Application security audit: an in-depth guide

Introduction What are application security audits? In information technologies departments, application security audits are systematic evaluations conducted to assess the security posture of an organization's applications. Application security audits involve finding possible threats and determining the organization's attack surface. The different vectors that attackers can leverage

API Security

Introducing business logic security testing for REST APIs

After one year and a half of approaching API security through the lenses of GraphQL, we are proud to introduce full support for REST API Security Testing in Escape, in addition to GraphQL 🚀 You like us on GraphQL. You will love us on REST. It's been a ride

AppSec

Hacking GraphQL Playground

GraphQL Playground has had a known XSS security issue since 2020. We give 2 very concrete scenarios to show you how it could unfold if it were to be exploited in your organization.

AppSec

9 GraphQL Security Best Practices

GraphQL has no security by default. All doors are open for the most basic attacks. Read more to learn about the exact threats and some simple strategies you can implement to get your users' data under lock and key 🔐

DevSecOps

Top 7 DevSecOps Best Practices

DevSecOps aims at integrating security inside the development process. It can be hard to know where to start. In this article, learn the best practices to implement DevSecOps in your engineering teams.