cyberfreak.hashnode.dev
API Authentication Explained (Part 1): OAuth, JWT & Token Basics
Modern applications rely heavily on APIs to exchange data between services, mobile apps, and third-party integrations. Because APIs often expose sensitive data and business logic, authentication becom
9h ago · 6 min read

cyberfreak.hashnode.dev
The Fundamentals of API Security: Part 2
If Part 1 focused on prevention through governance and design, this part focuses on detection and defence. Even secure APIs degrade over time: Code changes, Infrastructure updates, Configuration drif
Mar 4 · 3 min read

cyberfreak.hashnode.dev
The Fundamentals of API Security: Part 1
Modern applications are no longer page-driven. They are API-driven. Mobile apps, SaaS platforms, fintech dashboards, and IoT systems all rely on APIs to move sensitive data between users and backend s
Mar 2 · 4 min read

cyberfreak.hashnode.dev
How to Test for IDOR Vulnerabilities
You log into a web app to download your invoice. The URL looks harmless: https://example.com/invoice?id=4521 Out of curiosity, you change the number to 4520. You suddenly see someone else’s invoice.
Feb 22 · 4 min read

cyberfreak.hashnode.dev
Governance, Risk and Compliance: The non-technical side of Cybersecurity
Cybersecurity is often dominated by sophisticated hacks, advanced technology, and complex coding. A fundamental aspect, however, operates largely in the shadows -- Governance, Risk, and Compliance (GRC). Governance, Risk, and Compliance (GRC) is a wa...
Sep 18, 2023 · 3 min read