80 subscribers
با برنامه Player FM !
Vulnerable APIs and Bot Attacks: Two Interconnected, Growing Security Threats - David Holmes - ASW #300
Manage episode 441615579 series 2086045
APIs are essential to modern application architectures, driving rapid development, seamless integration, and improved user experiences. However, their widespread use has made them prime targets for attackers, especially those deploying sophisticated bots. When these bots exploit business logic, they can cause considerable financial and reputational damage. In this discussion, David Holmes offers insights into the latest trends in API and bot attacks and provides strategies to defend against these threats.
Segment Resources:
- The Economic Impact of API and Bot Attacks: https://www.imperva.com/resources/resource-library/reports/the-economic-impact-of-api-and-bot-attacks/
- The True Cost of API Insecurity and Bot Attacks in 2024: https://www.imperva.com/resources/resource-library/webinars/the-true-cost-of-api-insecurity-and-bot-attacks-in-2024/
This segment is sponsored by Imperva. Visit https://www.securityweekly.com/imperva to learn more about them!
In the news, fuzzing network traffic in OpenWRT, parsing problems lead to GitLab auth bypass, more fuzzing finds vulns in a JPEG parser, and more!
Visit https://www.securityweekly.com/asw for all the latest episodes!
Show Notes: https://securityweekly.com/asw-300
345 قسمت
Manage episode 441615579 series 2086045
APIs are essential to modern application architectures, driving rapid development, seamless integration, and improved user experiences. However, their widespread use has made them prime targets for attackers, especially those deploying sophisticated bots. When these bots exploit business logic, they can cause considerable financial and reputational damage. In this discussion, David Holmes offers insights into the latest trends in API and bot attacks and provides strategies to defend against these threats.
Segment Resources:
- The Economic Impact of API and Bot Attacks: https://www.imperva.com/resources/resource-library/reports/the-economic-impact-of-api-and-bot-attacks/
- The True Cost of API Insecurity and Bot Attacks in 2024: https://www.imperva.com/resources/resource-library/webinars/the-true-cost-of-api-insecurity-and-bot-attacks-in-2024/
This segment is sponsored by Imperva. Visit https://www.securityweekly.com/imperva to learn more about them!
In the news, fuzzing network traffic in OpenWRT, parsing problems lead to GitLab auth bypass, more fuzzing finds vulns in a JPEG parser, and more!
Visit https://www.securityweekly.com/asw for all the latest episodes!
Show Notes: https://securityweekly.com/asw-300
345 قسمت
همه قسمت ها
×
1 Appsec News & Interviews from RSAC on Identity and AI - Rami Saas, Charlotte Wylie - ASW #331 1:01:48

1 Secure Code Reviews, LLM Coding Assistants, and Trusting Code - Rey Bango, Karim Toubba, Gal Elbaz - ASW #330 1:09:38

1 AI Era, New Risks: How Data-Centric Security Reduces Emerging AppSec Threats - Vishal Gupta, Idan Plotnik - ASW #329 1:03:03

1 Managing Secrets - Vlad Matsiiako - ASW #327 1:03:03

1 More WAFs in Blocking Mode and More Security Headaches from LLMs - Sandy Carielli, Janet Worthington - ASW #326 1:14:45

1 In Search of Secure Design - ASW #325 1:07:36

1 Avoiding Appsec's Worst Practices - ASW #324 1:11:19

1 CISA's Secure by Design Principles, Pledge, and Progress - Jack Cable - ASW #321 1:13:50

1 Keeping Curl Successful and Secure Over the Decades - Daniel Stenberg - ASW #320 1:09:02

1 Developer Environments, Developer Experience, and Security - Dan Moore - ASW #319 1:10:21

1 Code Scanning That Works With Your Code - Scott Norberg - ASW #317 1:12:52

1 Threat Modeling That Helps the Business - Akira Brand, Sandy Carielli - ASW #316 1:11:39

1 Security the AI SDLC - Niv Braun - ASW #315 1:08:34

1 Discussing Useful Security Requirements with Developers - Ixchel Ruiz - ASW #313 1:07:41

1 DefectDojo and Bringing Quality Appsec Tools to Small Appsec Teams - Greg Anderson - ASW #312 1:07:10

1 Applying Usability and Transparency to Security - Hannah Sutor - ASW #311 1:09:42

1 Adding Observability with OpenTelemetry - Adriana Villela - ASW #309 1:10:55

1 Biometric Frontiers: Unlocking The Future Of Engagement - Andras Cser, Enza Iannopollo - ASW #308 1:10:32

1 Modernizing AppSec - Melinda Marks - ASW #307 1:09:29

1 Bug bounties, vulnerability disclosure, PTaaS, fractional pentesting - Grant McCracken - ASW #306 1:05:35

1 Making TLS More Secure, Lessons from IPv6, LLMs Finding Vulns - Arnab Bose, Shiven Ramji - ASW #305 1:22:48

1 The Complexities, Configurations, and Challenges in Cloud Security - Scott Piper - ASW #304 1:17:25

1 The Future of Zed Attack Proxy - Simon Bennetts, Ori Bendet - ASW #302 1:12:35

1 More Car Hacks, CUPS Vulns, Microsoft's SFI, Memory Safety, Password Complexity - Farshad Abasi - ASW #301 45:57
به Player FM خوش آمدید!
Player FM در سراسر وب را برای یافتن پادکست های با کیفیت اسکن می کند تا همین الان لذت ببرید. این بهترین برنامه ی پادکست است که در اندروید، آیفون و وب کار می کند. ثبت نام کنید تا اشتراک های شما در بین دستگاه های مختلف همگام سازی شود.