Resources

whitePaper

Best Practices for API Compliance & Privacy

APIs have become a primary target for hackers, who have discovered APIs are frequently under-secured and over-permissioned. Auditors and regulators are also noting the risk created by public-facing APIs.

Download →
blog

DevSecOps and API Security

Given the rapid pace of development with APIs, it is critical to ensure security is integrated into the CI/CD process. What is DevSecOps and how do you keep APIs secure.

Read →
webinar

How developers can accelerate API security testing and ship secure software, faster

Join Apisec and RedSheild for a discussion around how developers can accelerate API security testing.

Watch →
blog

What is OWASP API Security Top 10: A Deep Dive

The rise of APIs has changed the landscape of vulnerabilities so fundamentally that a new approach was necessary, and 2019 OWASP added the API Security Top 10 list.

Read →
webinar

API Security Testing Requirements for PCI, SOC 2, CCPA and other Compliance Frameworks

This webinar covers various security compliance regulations such as PCI DSS and SOC 2 and shares how APIs are currently covered by security testing requirements.

Register →
webinar

Best practices for building Security into your APIs

This webinar shares real-world best practices for embedding security into the development cycle to prevent API vulnerabilities from making it into production.

Watch →
webinar

API Security 101: Establishing and Managing a Secure API Program

Experts from RedSpin and APIsec will share how to build, manage, and protect your API security program utilizing real world examples and OWASP Top 10 guidance..

Watch →
Case Study

Seismic Case Study

“APIsec provided exceptional support to us throughout the on-boarding and configuration stages. Their capabilities got us testing our APIs for a broad range of vulnerabilities in a very short period of time." Tim Dzierzek, Director of Information Security

Go →
Case Study

Slimstock Case Study

“As we looked towards building our API focused products we were at a cross-road; do we build API Security validations ourselves or do we leverage external companies." Daan Majoor - CTO

Go →
Case Study

HealthTech Case Study

After working with APIsec, our technologists were impressed with the approach and capabilities. Today it is our biggest bang for our security buck.” The Health Tech Firm CISO

Go →
Case Study

EstateSpace Case Study

“A further challenge of identifying potential security gaps is to not disrupt the development and test flow of the engineers. This means that the tooling needed to play within the existing DevSecOps infrastructure.” Matt Jenks, CTO/CSO

Go →
Case Study

Griffen Global Case Study

“With APIsec as a partner, our privilege escalation testing was put together in under a month, resulting in a great return on investment as the total cost is well below the cost of a single security test engineer.”

Go →
whitePaper

API Security Best Practices - Whitepaper

Hackers are targeting loopholes in API logic. Learn how to secure APIs and prevent breaches and data leaks.

Download →
whitePaper

API Security Automation Development Cost - Whitepaper

APIs account for over 80% of Internet traffic and will become the “most frequent attack vector" by 2022. Securing APIs requires new approaches.

Download →
whitePaper

BOLA Risk Mitigation Strategies - Whitepaper

APIs tend to expose endpoints that handle object identifiers, creating a wide attack surface Level Access Control issue. BOLA checks should be considered in every function that accesses a data source.

Download →
blog

How to Incorporate API Security Into the Development Cycle

API experts from Google Cloud, Allstate, APIsec, and Achieve Internet sat down to discuss how to integrate API security testing into the CI/CD pipeline.

Read →
webinar

Google Apigee & Allstate: How to Incorporate API Security into the Development Cycle

Join API experts from Google Apigee, Allstate, APIsec, and Achieve Internet and learn how to integrate API security testing into the CI/CD pipeline.

Watch →
webinar

Software AG & APIsec: Quickly Detect API Vulnerabilities and Meet Compliance Requirements

Software AG has partnered with security experts APIsec to bring you a comprehensive, modern security solution for your APIs. APIsec integrates with API gateways and platforms, and with CI/CD frameworks to automatically test new code in real-time.

Watch →
blog

APIsec Introduces First, 100% Automated, Certified Pen-Test Report for APIs

APIsec, Inc. introduced today an update to its API security platform allowing enterprise security and compliance groups to obtain certified, compliant API penetration testing reports on-demand.

Read →
blog

How to Add Token Generation Code

Read →
blog

Rest API and its Significance to Web Service Providers

Read →
blog

APIsec - the Only Platform for Automated API Security Testing

APIs are the heart of the modern Web, Mobile, & Data integration architecture. As per OWASP, top API vulnerabilities come from business-logic, role-configuration, and access-control flaws.

Read →
blog

Scan APIs locally with APIsec CLI

Read →
blog

How to Call APIsec APIs

Read →
blog

First American Financial 885M Account Records

Read →