Sumit Bhanushali · blog.sumitbhanushali.com · Nov 21, 2023
REST API Best Practices: Design & Security
REST in Brief: A RESTful (Representational State Transfer) API (Application Programming Interface) is an interface that allows systems to communicate with each other over the Internet. REST is often used in the context of web services and APIs to enab...
best practices

Dhairya Verma · rajurastogi.hashnode.dev · Nov 15, 2023
Unveiling API Vulnerabilities: A Deep Dive into Security Risks
Hey there, fellow tech enthusiasts! 🚀 So, I've been poking around some apps lately, playing with their APIs. And guess what? It's so easy to find the most basic vulnerabilities in some of the apps out there. I won't name the companies as the bugs mi...
31 reads · golang

Muhammad Asif · asifdev-1697527454446.hashnode.dev · Nov 1, 2023
Mastering OAuth Scopes: Protecting Your Data from Unauthorized Access
OAuth (Open Authorization) scopes are a mechanism used in OAuth 2.0, which is a protocol for secure authorization and access control. Scopes define the specific permissions or access rights that a client application is requesting from a user or resou...
10 likes · oauth

API Guardian · 100daysofapisecurity.com · Oct 17, 2023
API Gateways: The Wardens of API Traffic
In the early days of web services, APIs often interacted with applications directly. However, as architectures became more complex and the number of APIs grew, challenges like traffic management, security concerns, and scalability became more evident...
100 Days of API Security · APIs

API Guardian · 100daysofapisecurity.com · Oct 16, 2023
OAuth 2.0 vs OIDC
Welcome to the 6th article in our #100daysofapisecurity series. In the mid-2000s, the booming digital landscape faced a challenge. Users managed a multitude of passwords for different online services, and the risky practice of sharing credentials dir...
100 Days of API Security · APIs

API Guardian · 100daysofapisecurity.com · Oct 13, 2023
Decoding the Encryption Mystery
Welcome again to 100daysofapisecurity. Today, we will explore the world of encryption, whereby you will be taken through several encryption nuances and potential vulnerabilities. End-to-End Encryption (E2EE): End-to-End Encryption, or E2EE, is the dig...
100 Days of API Security · SSL

API Guardian · 100daysofapisecurity.com · Oct 11, 2023
Decoding JWT: A Deep Dive into JSON Web Tokens
As our digital world becomes increasingly complex and tangled, JSON Web Tokens (JWT) emerge as a prevalent mechanism to secure and streamline communication in networked environments, especially within APIs. JWT facilitates the transmission of compact...
100 Days of API Security · JWT

Anusha Shanbhog · anushaa.hashnode.dev · Jul 31, 2023
Understanding API Security
What is an API? An Application Programming Interface (API) allows software applications to interact with each other and plays a crucial role in modern software structures like microservices architectures. It defines the methods and data formats that...
3 likes · 83 reads · #cybersecurity

Sandeep Korrapati · phoenixdev.hashnode.dev · Jul 20, 2023
Guarding the Fort: Unmasking and Countering Server-Side Vulnerabilities
In today's online world, servers power everything from social media to essential services. Yet they're not always secure. Even with modern technology, many servers face old and new threats. This blog highlights key server vulnerabilities and how to h...
api security

Shua'ib Oseni · shosenwales.hashnode.dev · Jun 13, 2023
Walkthrough: JWT authentication bypass via unverified signature
Javascript Web Token (JWT) is a secure way of transmitting information between parties as a JSON object. It comprises three parts: a header, a payload, and a signature. The header contains information about the token type and the hashing algorithm us...
26 reads · api security