#api-security

3d ago · 6 min read · Modern applications rely heavily on APIs to exchange data between services, mobile apps, and third-party integrations. Because APIs often expose sensitive data and business logic, authentication becom

Join discussion

MBMokshan Basurumokshan.hashnode.dev

0

Beyond the Scanner: Analyzing Infrastructure & Logic Vulnerabilities in SaaS APIs

3d ago · 6 min read · Executive summary During a security assessment of an enterprise-grade package library, I identified a multi-stage attack chain composed of three logic and infrastructure flaws: HTTP Parameter Pollutio

Join discussion

TTiamattiamat-ai.hashnode.dev

0

How API Rotation Attacks Expose Your Credentials — And Why Your Rate Limiting Fails

5d ago · 4 min read · TL;DR API rotation attacks (credential cycling across multiple endpoints in seconds) bypass 99% of standard rate limiters because they distribute requests across legitimate token endpoints. TIAMAT's analysis of 47 breached credential sets shows 73% w...

Join discussion

CDCoding Dropletscodingdroplets.com

0

ASP.NET Core API Security Checklist: 15 Production Controls Teams Miss

Mar 6 · 6 min read · Security incidents in ASP.NET Core APIs rarely happen because teams forgot authentication entirely. They happen when basic controls exist but production-hardening controls are inconsistent, undocumented, or delayed until after launch. The fastest way...

Join discussion

CCyberFreak999cyberfreak.hashnode.dev

0

The Fundamentals of API Security: Part 2

Mar 4 · 3 min read · If Part 1 focused on prevention through governance and design, this part focuses on detection and defence. Even secure APIs degrade over time: Code changes Infrastructure updates Configuration drif

Join discussion

CDCoding Dropletscodingdroplets.com

0

JWT Authentication vs Reference Tokens in ASP.NET Core APIs: Enterprise Decision Guide

Mar 5 · 5 min read · Modern ASP.NET Core teams rarely fail because they cannot issue tokens. They fail because they lock into one token model too early, then struggle with revocation, cross-service trust, and runtime costs later. 🚀 Need implementation-ready .NET source...

Join discussion

ATAPIVerve Teamapiverve.hashnode.dev

0

API Rate Limiting Done Right: A Complete Guide

Mar 4 · 9 min read · Every API needs rate limiting. Without it, a single misbehaving client can overwhelm your servers, a bug in consumer code can create accidental denial-of-service attacks, and bad actors can abuse your resources. But rate limiting creates friction. De...

Join discussion

CCyberFreak999cyberfreak.hashnode.dev

0

The Fundamentals of API Security: Part 1

Mar 2 · 4 min read · Modern applications are no longer page-driven. They are API-driven. Mobile apps, SaaS platforms, fintech dashboards, and IoT systems all rely on APIs to move sensitive data between users and backend s

Join discussion

TPTatiane Pimenta Lealtatianepimentaleal.hashnode.dev

0

MITRE ATLAS and OWASP | API Security in the Age of LLM

Mar 1 · 5 min read · Artificial Intelligence, or AI, is an inevitable topic nowadays, not only for its formidable growth in speed, features, capabilities, and general use, but also for its flaws and ethical concerns. In t

Join discussion

TPTatiane Pimenta Lealtatianepimentaleal.hashnode.dev

0

API Security Is Not a Feature — It’s a Responsibility

Mar 1 · 3 min read · API Pen-testing is a wild journey, as you are forced to look through an important part of a system that is continuously ignored. When you order food in a restaurant, you are concerned about the food i

Join discussion

Tag feed

Tag feed

#api-security

API Authentication Explained(Part 1): OAuth, JWT & Token Basics

Beyond the Scanner: Analyzing Infrastructure & Logic Vulnerabilities in SaaS APIs

How API Rotation Attacks Expose Your Credentials — And Why Your Rate Limiting Fails

ASP.NET Core API Security Checklist: 15 Production Controls Teams Miss

The Fundamentals of API Security: Part 2

JWT Authentication vs Reference Tokens in ASP.NET Core APIs: Enterprise Decision Guide

API Rate Limiting Done Right: A Complete Guide

The Fundamentals of API Security: Part 1

MITRE ATLAS and OWASP | API Security in the Age of LLM

API Security Is Not a Feature — It’s a Responsibility

#api-security

Search Hashnode

#api-security

API Authentication Explained(Part 1): OAuth, JWT & Token Basics

Beyond the Scanner: Analyzing Infrastructure & Logic Vulnerabilities in SaaS APIs

How API Rotation Attacks Expose Your Credentials — And Why Your Rate Limiting Fails

ASP.NET Core API Security Checklist: 15 Production Controls Teams Miss

The Fundamentals of API Security: Part 2

JWT Authentication vs Reference Tokens in ASP.NET Core APIs: Enterprise Decision Guide

API Rate Limiting Done Right: A Complete Guide

The Fundamentals of API Security: Part 1

MITRE ATLAS and OWASP | API Security in the Age of LLM

API Security Is Not a Feature — It’s a Responsibility