Tyk Cloud: accessible API management without limits
The latest release of Tyk Cloud introduces two new flexible ways for developers to try out and evaluate this API management system.
OWASP API security – 10: Insufficient logging & monitoring
Logging & monitoring can be costly and difficult to maintain, but they are necessary for good security and forensics.
OWASP API security – 9: Improper assets management
Improper asset management leads to technical debt and reduces agility, making applications vulnerable to attacks. Read our guide!
OWASP API security – 8: Injection
Injection vulnerabilities are caused by not validating user input that is later used verbatim without any protection mechanisms.
OWASP API security – 7: Security misconfiguration
Security misconfiguration vulnerabilities cover a range of common security mistakes made when exposing services over the internet.
OWASP API security – 6: Mass assignment
The API mass assignment vulnerability allows an attacker to modify data or elevate privileges by manipulating payload data.
OWASP API security – 5: Broken function level authorization
BFLA can occur when client requests are authorised incorrectly, allowing clients access to levels of resources they shouldn’t have.
OWASP API security – 4: Lack of resources & rate limiting
When APIs face excessive requests, service availability, performance, & security suffer. Explore OWASP rate limiting.
OWASP API security – 3: Excessive data exposure
Protect your API from excessive data exposure by structuring responses so that sensitive data is either not returned or is redacted. Read our guide!
OWASP API security – 2: Broken user authentication
The broken user authentication category is dedicated to identifying, rating and highlighting vulnerabilities associated with the ability to correctly authenticate users.