API Keys

I will cut to the chase in this blog. Protecting and managing the API keys MUST be number one on your security to-do-list. A wave of recent breaches show just how exposed ...

Major API Breaches in H1 of 2024 Earlier this year, we provided an overview of the significant security breaches from 2023. It's now clear that for API related breaches, this year is ...

In recent years, the tech world has witnessed a significant shift towards what are known as "super apps." These mobile applications have become increasingly popular, offering a plethora of services within a ...

Financial apps have access to valuable and sensitive personal data, so you would think mobile app security would be top-of-mind for financial institutions. But is it?  ...

The writing is on the walls, and it’s hard to avoid after the significant spike in attacks against GitHub repositories. The recent CircleCI breach, in which customers’ secrets and encryption keys were ...

First of all, this blog was written by a human being! Now that that's out of the way,  let's get onto our main topic for today which is to take a look ...

An API key is a token provided by a client when making API calls. It is used to authenticate and authorize access to specific resources. In this article, we answer the question, ...

Learn how API keys and tokens are being baked into mobile apps, and how you can win on #redteam because of this oversight. The post Hardcoded cloud creds prove it’s easy for ...

Attacks against APIs are increasing and API key protection is central to miminizing your business risks. In this article we’ll look at what your exposures are and what you should do about ...

In a previous article we saw how to protect API keys by using Mobile App Attestation and delegating the API requests to a Proxy. This blog post will cover the situation where ...