agile development

The Challenge of Securing REST APIs

In-brief: RESTful application program interfaces (APIs) are a key ingredient in building powerful, scalable web-based applications. But they can also open the door to web-based attacks while baffling traditional penetration testing tools and processes. In this article, Barracuda’s Neeraj Khandelwal explains why.

Opinion: Gaping Holes in Security of APIs

In-brief: In this, the first in a three-part series on REST APIs, Neeraj Khandelwal of Barracuda Networks discusses the growing importance of application program interfaces to business success, and how API insecurity poses a significant and under-appreciated risk to businesses.

Unpatched Vulnerabilities Common on Docker Hub Images

In-brief: A survey out from the firm Banyan finds that official and general repositories on Docker Hub are rife with serious and exploitable software vulnerabilities, including Heartbleed, Shellshock and Poodle.

On Internet of Things Day: Security and IoT Reads

In-brief: In recognition of Internet of Things Day, a list of quality reads focused on security and the Internet of Things that are both online and free.

Could Moore’s Law Solve The IoT Security Problem?

There’s an interesting roundup piece on Internet of Things security by Nermin Hajdarbegovic over at the technical jobs site Toptal. Hajdarbegovic provides a summary of some of the recent IoT reports – by Kaspersky Lab (the “Internet of Crappy Things” report), FTC Chairwoman Edith Ramirez and Wind River. (We covered the FTC and Wind River reports here and here.) It’s worth a read. Hajdarbegovic is mostly optimistic about the future of the Internet of Things and the ability of the “market” to address the security and privacy issues that currently exist. From his blog post: “As the IoT market grows, we will see more investment, and as hardware matures, we will get improved security. Chipmakers like Intel and ARM will be keen to offer better security with each new generation, since security could be a market differentiator, allowing them to grab more design wins and gain a bigger share. “Technology […]