How we discovered over 18,000 API secret tokens by analyzing 1M domains on the web
State of GraphQL Security 2023
What scanning 1500+ endpoints has told us about securing GraphQL in production...
State of Public APIs 2023
Analysis of the design, performance and security of 6000+ Public APIs
API Security Checklist
Are you looking to make your API security program stronger? Our API Security Checklist is here to help.
OWASP TOP 10 checklist
Discover the latest insights into the 2023 OWASP API Security Top 10.
Learn the best practices to implement DevSecOps in your engineering teams.
How Lightspeed ensures full security compliance with Escape
Discover how Lightspeed, the unified point of sale and payments platform, maintains security compliance.
How Escape enhanced Shine's application security
Discover the transformative impact of Escape on API security of Shine, an online banking for professionals.
How Thinkific has achieved enterprise-grade GraphQL security
Discover the challenges Thinkific faced and how they achieved enterprise-grade GraphQL security with Escape.
A free tool that runs a dozen common security tests on a given GraphQL endpoint.
A middleware for JS servers that adds a security layer to GraphQL endpoint in minutes.
A free tool that runs a dozen common security tests on a given REST API using its OpenAPI specification.
A free tool that runs a dozen common security tests on a given OpenAI ChatGPT Plugin using its manifest.
GPT Security Bot
Learn more about testing and securing APIs with the help of our GPT bot
Is Gen AI your new AppSec weapon? with Sandesh Mysore Anand
Learn how we challenged Sandesh on whether Gen AI can actually supercharge your AppSec program and what a potential shift in the skillset requirements for AppSec engineers would look like in the future.
Security training: necessary investment or overrated expense with Mel Reyes
Discover Mel's insights on whether investment in security training within the organizations is truly justified.
What is ASPM: A breakdown of the current state and its future with James Berthoty
Explore what is ASPM, what's wrong with its current state, what’s missing from Gartner's perspective, and what ASPM might look like in the future.
SCADA systems: How secure are the systems running our infrastructure? with Malav Vyas
Explore whether APIs introduce more security risks than benefits to SCADA systems, how hard it is to secure SCADA, and key future challenges.
Threat modeling: the future of cybersecurity or another buzzword with Derek Fisher
We discussed how to do threat modeling right (and wrong), what’s wrong with its current state, and what its future might look like.
Security experience: top-down vs bottom-up with Jeevan Singh
Throughout our talk, we had a chance to challenge Jeevan on his vision, opinions, and ask some "spicy" questions!
Lack of effective DAST tools with Aleksandr Krasnov
Our first episode with Aleksandr Krasnov, the principal security engineer at Meta, who challenges the effectiveness of existing DAST tools with us.
Webinar: Best practices for API security
Join Tristan Kalos at our webinar with GitGuardian to learn the ins and outs of keeping your API’s secure.
Webinar: Building your product security roadmap
In-depth recap of our hands-on product security webinar with James Berthoty—gather the best knowledge and insights!
Looking for hands-on training?
We’ve got you covered. Join our API Security Academy and learn how to secure your GraphQL applications with free and interactive online modules.