Slipping Through the Security Gaps
By: Akamai View more from Akamai >>
Download this next:
Protect your organization & customers from card skimming Magecart-style attacks
By:
Type: Replay
You can’t rely on network or perimeter security to protect web applications, your business or your customers from card skimming attacks. The reason? Web apps that use HTML, CSS or JavaScript, including your eCommerce checkout page, are especially vulnerable to client-side attacks that can result in a devastating data breach like the ones that affected British Airways and Ticketmaster. And the bad news is that these Magecart-style data exfiltration attacks are only becoming more targeted, more frequent, and are resulting in fines and or penalties in the hundreds of millions of dollars. To protect against data theft, most organizations depend on traditional security controls that monitor network and server traffic, not client side code. But as more business logic and functionality is being executed in the browser in order to improve customer experience and performance, the riskier this strategy becomes. As the busiest shopping season of the year approaches, is your website – and your customer data – protected? Find out how you can defend against client-side data exfiltration and prevent web apps from becoming an attack vector. In this webinar, we’ll cover: -How Magecart and other digital skimming attacks are able to thwart traditional security measures -How to protect web apps against client side threats -What you should look for in an application security solution
These are also closely related to: "Slipping Through the Security Gaps"
-
Web Application Security and the API’s They Rely On
By:
Type: Talk
API Security is has grown to an incredibly broad topic. In the web application realm, front end applications are delineated from backend systems. A recent study shows a tremendous increase in the number of APIs, with 83% of web traffic today consisting of API traffic. Protecting web apps against malicious browser extensions and trojan attacks is crucial to protecting app data - web app and API vulnerabilities protection requires comprehensive client code protection. In this session, Director of Product Management Matan Gal Kochavi discusses the landscape of web application API security and best practices, while directly answering your questions on the topic. Join, hear, and ask about: - How organizations can best-practice protection for client-side web apps - The most prevalent web application attacks witnessed by companies - Why API security is growing more important for web application protection
-
Web Application Security and the API’s They Rely On
By:
Type: Replay
API Security is has grown to an incredibly broad topic. In the web application realm, front end applications are delineated from backend systems. A recent study shows a tremendous increase in the number of APIs, with 83% of web traffic today consisting of API traffic. Protecting web apps against malicious browser extensions and trojan attacks is crucial to protecting app data - web app and API vulnerabilities protection requires comprehensive client code protection. In this session, Director of Product Management Matan Gal Kochavi discusses the landscape of web application API security and best practices, while directly answering your questions on the topic. Join, hear, and ask about: - How organizations can best-practice protection for client-side web apps - The most prevalent web application attacks witnessed by companies - Why API security is growing more important for web application protection
Find more content like what you just read:
-
Web Application Security and the API’s They Rely On
By:
Type: Replay
API Security is has grown to an incredibly broad topic. In the web application realm, front end applications are delineated from backend systems. A recent study shows a tremendous increase in the number of APIs, with 83% of web traffic today consisting of API traffic. Protecting web apps against malicious browser extensions and trojan attacks is crucial to protecting app data - web app and API vulnerabilities protection requires comprehensive client code protection. In this session, Director of Product Management Matan Gal Kochavi discusses the landscape of web application API security and best practices, while directly answering your questions on the topic. Join, hear, and ask about: - How organizations can best-practice protection for client-side web apps - The most prevalent web application attacks witnessed by companies - Why API security is growing more important for web application protection
-
Ep 5 - Top 5 Pitfalls to Avoid in Client-Side Security
By:
Type: Replay
As you secure your applications and protect them from security breaches and fraud events, you've likely turned to preventative and detective controls on the server side. On the other hand, client-side threats such as malicious JavaScript, formjacking, data exfiltration, digital skimming, and Magecart make up a significant portion of attacks across all industries. Those attacks can lead to customer data theft, regulatory scrutiny, compromised user experience, lack of trust, stuck sales cycles, and revenue loss. In this session, we'll explore the challenges involved in client-side security. We'll cover: • The complexities and challenges involved in client-side security • How enterprises can avoid common pitfalls when addressing client-side security The benefits of looking at the client-side environment to mitigate risk Watch the other episodes of the series: Ep 1: Modernising and Securing Your API Architecture Ep 2: Multi-layer App Security in Kubernetes for DevSecOps Ep 3: How Smarter Bot Mitigation with Machine Learning Can Reduce Business Risks and Costs Ep 4: Why You Need Observability Beyond Monitoring Apps Ep 6: Scaling Your App Delivery Infrastructure in Minutes not Days By watching this webinar, your personal details will be shared with F5 and treated in accordance with the F5 Privacy Notice (https://www.f5.com/company/policies/privacy-notice). You also are signing up to be contacted about F5 products and services but you can unsubscribe at any time
-
JavaScript Supply Chain Risks & How to Stop Them
By:
Type: Replay
We've seen a recent proliferation of client-side attacks, thanks to an increase in malicious actors exploiting the vast attack surface created by today’s decentralized web applications. With 70% of the code in your web apps coming from third-party sources, it’s nearly impossible to identify and manage scripts running on your site – and threat actors know it. In this webinar, you’ll learn: - How third-party shadow code puts you at risk for attacks - Why client-side attacks are a security, fraud, and compliance challenge - What you can do to protect your customers from exposure - Why filling your client-side security gap is a business imperative
-
The new ABCs of application security
By: Barracuda
Type: Replay
Join this timely and informative webinar to gain a deeper understanding of: How the latest API, bot, and client-side attacks are exploiting your applications How recent, real-world instances of these attacks have unfolded—and what they cost their victims How advanced, comprehensive strategies for securing applications and APIs can help you effectively combat these attacks and prevent costly breaches
-
Cover Your Apps: App and API Attacks on the Rise
By:
Type: Video
As organizations grow and continue to adopt more web applications to improve business operations, this attack surface continues to expand. 2022 was a record year when it comes to web applications and API attacks. With an exponential increase in API traffic, is estimated that by 2024, API abuses and related data breaches will nearly double. So, understanding the different trends and new attack vectors is becoming crucial to organizations as they look to secure business critical applications. Learn more about how these attacks are affecting every industry and what are the recommendations to secure your web applications and APIs.
-
Black Hat 2023 — Cover Your Apps: App and API Attacks on the Rise
By:
Type: Video
As organizations grow and continue to adopt more web applications to improve business operations, this attack surface continues to expand. 2022 was a record year when it comes to web applications and API attacks. With an exponential increase in API traffic, is estimated that by 2024, API abuses and related data breaches will nearly double. So understanding the different trends and new attack vectors is becoming crucial to organizations as they look to secure business critical applications. Learn more about how these attacks are affecting every industry and what are the recommendations to secure your web applications and APIs.
-
Digital Fortresses Under Siege: Threats to Modern Application Architectures
By:
Type: Talk
As web applications and APIs have proliferated, they’ve become an attractive target. Akamai’s latest report reveals an increase of 49% in web attacks from Q1 2023 to Q1 2024. The report also provides detailed analyses of trends by industry and region, and a look at DDoS attacks with a DNS component. Access the report for the insights you need to effectively prioritize your security strategy and spending.
-
Enemy at the Gates: Analyzing Attacks on Financial Services
By:
Type: Replay
The financial services industry continues to be one of the most widely attacked industries in the world. Akamai Security Research observed 3.5x growth in web app and API attacks against financial services in the last year. They also noted the alarming speed at which attackers are leveraging zero-day vulnerabilities to target financial services organizations and the increased complexity of these assaults. What’s behind this escalation in attacks? Join us in this webinar where you will learn: • Attack vectors commonly used against financial services • Factors that led to the surge in web app and API attacks • Risk exposures of financial services You can also read about these threats in our latest State of the Internet (SOTI) report, Enemy at the Gates: Analyzing Attacks on Financial Services.
-
Bot Attacks: Top Threats and Trends
By: Barracuda
Type: Replay
How is your business detecting and blocking bad bots that execute web scraping, account takeover, distributed denial of service (DDoS), and other attacks? Don’t miss the details in this insightful new report about Web Application and API Protection (WAAP) solutions to stop malicious bots, prevent attacks, and boost security. Join Barracuda for this informative webinar about the findings of the report, including the latest tactics used by advanced persistent bots and best practices to defend against the growing number of sophisticated attacks on web and API applications.
-
Bot Attacks: Top Threats and Trends
By: Barracuda
Type: Replay
How is your business detecting and blocking bad bots that execute web scraping, account takeover, distributed denial of service (DDoS), and other attacks? Don’t miss the details in this insightful new report about Web Application and API Protection (WAAP) solutions to stop malicious bots, prevent attacks, and boost security. Join Barracuda for this informative webinar about the findings of the report, including the latest tactics used by advanced persistent bots and best practices to defend against the growing number of sophisticated attacks on web and API applications.
-
How to Maximize Security Through Simplicity
By:
Type: Replay
Building great digital experiences often involve leveraging serverless edge computing, microservices, IaaS, client-side functionality, and APIs. These modern development practices – while designed to produce highly personalized, fast, and always-on user experiences – also introduce risk. A big reason is that IT and security teams struggle to support the business given the high velocity of code releases and the inability to keep pace with changing applications and APIs. If we take a lesson on simplicity from developers, organizations today need to rethink how cloud security not only drives stronger protections but adds value with ease of use. Managing multiple security products, for example, can translate to higher costs, more complexity, and the need for skilled talent — which is untenable for most organizations. The critical role of securing applications and APIs in today’s global business world amid evolving attacks, ranging from web app business logic attacks to API abuse to DDoS, requires holistic and extensible security you can actually use. In this session, you will learn: * Where the security market is going with converging technologies in 2022 * How adaptive security can stop the most evasive attacks, automatically * How to mitigate the OWASP API Security Top 10 vulnerabilities * How to reduce the cost, effort, and complexity of securing all your app & APIs
-
How to Maximize Security Through Simplicity
By:
Type: Talk
Building great digital experiences often involve leveraging serverless edge computing, microservices, IaaS, client-side functionality, and APIs. These modern development practices – while designed to produce highly personalized, fast, and always-on user experiences – also introduce risk. A big reason is that IT and security teams struggle to support the business given the high velocity of code releases and the inability to keep pace with changing applications and APIs. If we take a lesson on simplicity from developers, organizations today need to rethink how cloud security not only drives stronger protections but adds value with ease of use. Managing multiple security products, for example, can translate to higher costs, more complexity, and the need for skilled talent — which is untenable for most organizations. The critical role of securing applications and APIs in today’s global business world amid evolving attacks, ranging from web app business logic attacks to API abuse to DDoS, requires holistic and extensible security you can actually use. In this session, you will learn: * Where the security market is going with converging technologies in 2022 * How adaptive security can stop the most evasive attacks, automatically * How to mitigate the OWASP API Security Top 10 vulnerabilities * How to reduce the cost, effort, and complexity of securing all your app & APIs
-
How to Maximize Security Through Simplicity
By:
Type: Replay
Building great digital experiences often involve leveraging serverless edge computing, microservices, IaaS, client-side functionality, and APIs. These modern development practices – while designed to produce highly personalized, fast, and always-on user experiences – also introduce risk. A big reason is that IT and security teams struggle to support the business given the high velocity of code releases and the inability to keep pace with changing applications and APIs. If we take a lesson on simplicity from developers, organizations today need to rethink how cloud security not only drives stronger protections but adds value with ease of use. Managing multiple security products, for example, can translate to higher costs, more complexity, and the need for skilled talent — which is untenable for most organizations. The critical role of securing applications and APIs in today’s global business world amid evolving attacks, ranging from web app business logic attacks to API abuse to DDoS, requires holistic and extensible security you can actually use. In this session, you will learn: * Where the security market is going with converging technologies in 2022 * How adaptive security can stop the most evasive attacks, automatically * How to mitigate the OWASP API Security Top 10 vulnerabilities * How to reduce the cost, effort, and complexity of securing all your app & APIs
-
State of the Internet: Defending Digital Fortresses
By:
Type: Talk
Listen to our webinar to explore the findings from Akamai’s latest State of the Internet (SOTI) report, Digital Fortresses Under Siege: Threats to Modern Application Architectures. Our analysis has uncovered critical insights into the growing risks faced by today's digital infrastructures. Key topics to be covered include: - A 49% surge in application and API attacks over the past year. - The staggering total of 108 billion API attacks in the last 18 months. - Regional and industry-specific breakdowns of attack trends. - Emerging threats and their implications for your security strategy. Our security experts offer an in-depth discussion of the report's findings and share actionable recommendations to help safeguard your web applications and API infrastructure. Presenters: - Tricia Howard, Senior Technical Writer, Akamai - Richard Meeus, Director of Security Technology and Strategy, EMEA, Akamai
-
Around the World with APIs: Understand API Attacks Anywhere
By:
Type: Replay
As risk to APIs grows and the attack surface expands with every new API, the conversation around API Security is more critical than ever. The 2024 API Security State of the Internet (SOTI) report showcases new insights into the attacks targeting APIs, which constitute 29% of web attacks over the past year. Join guest speaker, Forrester Principal Analyst Sandy Carielli and Giora Engel, VP of API Security at Akamai as they deep dive into the types of attacks, extending beyond the OWASP API Security Top 10, and their implications across different industries and regions. Is this webinar you will: Understand real-world API Security threats Identify impactful API attack trends Gain visibility into the life of an API Discover the principles of effective API security Our experts will guide you through the necessary steps to demystifying threats facing your API landscape and fortifying your security posture without having to revise your existing infrastructure. Register now.
-
Around the World with APIs: Understand API Attacks Anywhere
By:
Type: Talk
As risk to APIs grows and the attack surface expands with every new API, the conversation around API Security is more critical than ever. The 2024 API Security State of the Internet (SOTI) report showcases new insights into the attacks targeting APIs, which constitute 29% of web attacks over the past year. Join guest speaker, Forrester Principal Analyst Sandy Carielli and Giora Engel, VP of API Security at Akamai as they deep dive into the types of attacks, extending beyond the OWASP API Security Top 10, and their implications across different industries and regions. Is this webinar you will: Understand real-world API Security threats Identify impactful API attack trends Gain visibility into the life of an API Discover the principles of effective API security Our experts will guide you through the necessary steps to demystifying threats facing your API landscape and fortifying your security posture without having to revise your existing infrastructure. Register now.
-
API security: Hidden risks and best practices
By:
Type: Replay
These days, just about every enterprise web application uses APIs. And that’s led to a growing deluge of API attacks. The truth is, APIs... • Can be difficult to defend with traditional web application security solutions • Create hidden security gaps in mobile applications • Appear to have played a role the tripling of web attacks from 2020’s record year In this webinar, you’ll learn about practices that can lead to the release of vulnerable applications, steps you can take today to mitigate potential threats, and other findings from our upcoming State of the Internet / Security report.
-
How the New Web Application Architecture is Changing Web Application Security
By:
Type: Talk
Web applications are moving from traditional back-end and front-end architecture, deployed in an organization’s physical data center, to modern multi-cloud, microservices, and Kubernetes architectures, opening up new threat surfaces along the way. How are you to, for instance, secure application vulnerabilities from supply-chain attacks when your data is dispersed across multi-cloud applications? How do you protect from vulnerabilities in 3rd and 4th-party libraries? Join our experts deconstruct the most essential requirements for complete web application protection in the following Fireside Chat and explain: • New web application attack vectors, beyond the standard OWASP top 10 • How usage of 3rd and 4th-party libraries and APIs increases app vulnerabilities • The security and liability implications of using client-side logic and code • How Radware helps organizations protect their modern web applications. Tune into this session to discover how to protect your web apps from these, and other, vulnerabilities.
-
Effectively Safeguarding Your APIs: From Discovery to Defense
By:
Type: Talk
Nearly one-third of web attacks targeted APIs in 2023. APIs are now vital for modern applications, enabling seamless communication and data exchange between systems. As their use grows across various industries to improve efficiency and customer experiences, APIs also become prime targets for attackers. Vulnerabilities in APIs can lead to data breaches and abuse of business logic, presenting major challenges to organizations. On 23 April 2024 at 1:00 p.m. SGT join Akamai and ISC2 as we discuss findings from the State of the Internet (SOTI) report, Lurking in the Shadows: Attack Trends Shine Light on API Threats. We will discuss: -Latest API attack trends observed in Asia Pacific -Top industry sectors being attacked -Top cyber threats targeting APIs and their implications -Best practices and practical strategies for fortifying your APIs against malicious activities Presenter: Reuben Koh, Director, Security Technology and Strategy, APJ, Akamai Moderator: Emily Kong, CISSP, CCSP
-
Effectively Safeguarding Your APIs: From Discovery to Defense
By:
Type: Talk
Nearly one-third of web attacks targeted APIs in 2023. APIs are now vital for modern applications, enabling seamless communication and data exchange between systems. As their use grows across various industries to improve efficiency and customer experiences, APIs also become prime targets for attackers. Vulnerabilities in APIs can lead to data breaches and abuse of business logic, presenting major challenges to organizations. On 23 April 2024 at 1:00 p.m. SGT join Akamai and ISC2 as we discuss findings from the State of the Internet (SOTI) report, Lurking in the Shadows: Attack Trends Shine Light on API Threats. We will discuss: -Latest API attack trends observed in Asia Pacific -Top industry sectors being attacked -Top cyber threats targeting APIs and their implications -Best practices and practical strategies for fortifying your APIs against malicious activities Presenter: Reuben Koh, Director, Security Technology and Strategy, APJ, Akamai Moderator: Emily Kong, CISSP, CCSP
-
State of the Internet: API Security
By:
Type: Replay
Last year, nearly one-third of web attacks targeted APIs. Join us for a live webinar as we reveal the findings from our latest State of the Internet (SOTI) report, 'Lurking in the Shadows: Attack Trends Shine Light on API Threats', and learn: • The latest API attack techniques • Regional trends • Real-world lessons • Advice around security implementations and active threats
-
State of the Internet: API Security
By:
Type: Talk
Last year, nearly one-third of web attacks targeted APIs. Join us for a live webinar as we reveal the findings from our latest State of the Internet (SOTI) report, 'Lurking in the Shadows: Attack Trends Shine Light on API Threats', and learn: • The latest API attack techniques • Regional trends • Real-world lessons • Advice around security implementations and active threats
-
Tealium + Snap: Inside Tealium’s Unique Integration with Snap Conversions API
By:
Type: Talk
Tealium helps companies collect, organize, and activate their first-party customer data in order to deliver great customer experiences. As part of the Tealium Customer Data Hub, EventStream API Hub provides server-side data collection and orchestration to help businesses go beyond data from tags/mobile SDK’s to build a more complete view of the customer journey, reduce the impact of data drop-off due to technical issues/ad blockers/network connectivity issues, and improve data governance and control. In this webinar, we'll explore Tealium's real-time, turnkey, server-side integration for Snapchat Conversions API via EventStream and how clients can benefit from a more reliable, more secure way of sharing the data, and can take advantage of all other integrations in the Tealium Marketplace to future-proof their data collection.
-
Cybersecurity for Financial Services: Balancing Innovation and Risk in APJ
By:
Type: Video
Discover the top attacks that are targeting financial services in Asia-Pacific and Japan (APJ) and the solutions to mitigate them. In APJ, financial sectors face a surge in web app and API attacks, while malicious bots and third-party script adoption complicate the cybersecurity landscape. Learn how you can mitigate key cyberthreats while you securely grow your organization — without paying the price of being attacked. Akamai’s State of the Internet report, The High Stakes of Innovation, helps you understand the top threats and ensure that your digital transformation journey is as seamless as possible. Reuben Koh, Security Technology and Strategy Director (APJ), delves into the surge of web application and API attacks, the vulnerability of APIs, malicious bot tactics, the rise in Distributed Denial-of-Service (DDoS) attacks, and the impact of third-party scripts. Discover the key attack vectors targeting financial institutions and actionable strategies to enhance app and API security, incident response, script security, and DDoS defenses for your organization.
-
Protecting APAC Commerce: A Strategic Approach to API Security
By:
Type: Talk
Join us for an in-depth exploration of API security threats, a major concern for the commerce industry in the APAC region. This session will focus on securing your APIs and understanding your vulnerabilities. We will explore the tactics cybercriminals use to exploit API vulnerabilities and the specific challenges faced by businesses in this region. This session will provide crucial insights into: Understanding Vulnerabilities: Identify and understand API security weaknesses in the APAC commerce industry, illustrated by regional case studies and data. Identifying Negative Impacts: Learn the side effects of web scraping on your site's performance and business operations. Proactive Security Posture: Build a forward-thinking security framework to anticipate future threats and ensure resilience and security
-
Protect Your APIs: Invest in Securing Your Digital Innovation
By:
Type: Replay
APIs make up the fabric of the financial services industry - they bridge the customer to the product. However, according to recent research by Akamai, as of June 2022, there have been over 9 billion web application and API attacks across the globe. This is three times more than we saw in 2021. Given the value of APIs to the modern organisation, it’s no wonder that they have become a pathway for attackers to infiltrate the network. This talk will cover lessons learned from analysing data across our platform and customers’ best practices. Leaders must act now to ensure security is consistent and applied across their entire estate, including web apps and APIs. But what can you do specifically to secure your APIs and how has digital transformation impacted API security? Join us in the third and final episode of Actionable Insights from Akamai as we discuss: - Best practices for securing your APIs - How to leverage the cyber kill chain to evaluate your API risks - Insights from global Threat Intelligence to enhance your API protection - And much more!
-
Protect Your APIs: Invest in Securing Your Digital Innovation
By:
Type: Talk
APIs make up the fabric of the financial services industry - they bridge the customer to the product. However, according to recent research by Akamai, as of June 2022, there have been over 9 billion web application and API attacks across the globe. This is three times more than we saw in 2021. Given the value of APIs to the modern organisation, it’s no wonder that they have become a pathway for attackers to infiltrate the network. This talk will cover lessons learned from analysing data across our platform and customers’ best practices. Leaders must act now to ensure security is consistent and applied across their entire estate, including web apps and APIs. But what can you do specifically to secure your APIs and how has digital transformation impacted API security? Join us in the third and final episode of Actionable Insights from Akamai as we discuss: - Best practices for securing your APIs - How to leverage the cyber kill chain to evaluate your API risks - Insights from global Threat Intelligence to enhance your API protection - And much more!
-
Tealium + TikTok: Inside Tealium’s Unique Integration with TikTok Conversion API
By:
Type: Talk
Tealium helps companies manage, organize and activate their first-party customer data in order to deliver great customer experiences. As part of the Tealium Customer Data Hub, EventStream API Hub provides server-side data collection and orchestration to help businesses go beyond data from tags / mobile SDK’s to build a more complete view of the customer journey, reduce the impact of data drop-off due to technical issues / ad blockers / network connectivity issues, and improve data governance and control. In this webinar, we'll explore Tealium's real-time, turnkey, server-side integration for TikTok Events API via EventStream along with TikTok Pixel and TikTok SDK. We'll also share how clients benefit from a more reliable, more secure way of sharing data while taking advantage of all other integrations in the Tealium Marketplace to future-proof their data collection.
-
The New ABCs of Application Security
By: Barracuda
Type: Replay
Online applications are fundamental to how you do business, mediating relationships with customers, partners, and suppliers, and managing internal collaboration. This makes them an appealing target for criminals seeking vulnerabilities to exploit. Join this timely and informative webinar to gain a deeper understanding of how the latest API, bot, and client-side attacks (the new ABCs of app security) exploit your applications; how recent, real-world instances of these attacks have unfolded—and what they cost their victims; how advanced, comprehensive strategies for securing applications and APIs—including ML-powered API Discovery and advanced Zero-Trust capabilities—can help you effectively combat these attacks and prevent costly breaches.
-
Defending Against Ransomware and Other Modern-Day Threats
By:
Type: Talk
According to the recently released Akamai Web Application and API Threat Report, attacks are growing even more than expected for the first half of 2022 with over 9 billion attempted already this year, up over 300% from the same time a year ago. Analyzing the attacks shows that they can be classified into three categories; namely ongoing and consistent and persistent attack campaigns, short burst attack campaigns, and big-bang attack campaigns where an organization may see a 30x increase in traffic. The report also shows that protection against such pervasive threats as local file inclusion, SQLi, and XSS is mandatory in order to ensure ransomware gangs can’t gain a foothold within your applications or API’s. In this webinar, we’ll hear from Akamai Solutions engineers in a discussion on: • How Akamai’s web application and API protection kept customers safe from this uptick in focused attacks • Recently named the leader in Gartner’s Magic Quadrant for the sixth consecutive year, Akamai’s self-tuning protection is the most effective, industry-leading solution that automatically adapts as the threat landscape continuously evolves.
-
Web Application and API Attack Trends to Look for in 2023
By:
Type: Talk
With the rise in web applications and APIs, attacks targeting these systems continue to escalate. Cybercriminals are always on the lookout for zero-day vulnerabilities, and new threats are emerging every day. Therefore, it is imperative to stay abreast of the latest attack vectors and mitigation strategies. In this webinar, Akamai presents its research on the top web application and API attack trends. We will share insights on the current attack trends impacting the Asia Pacific and Japan (APJ) region collectively. Our research also covers where adversaries are focusing their attacks on and what their preferred attack techniques are. Join us for this session to understand: - Latest web application and API attack trends in APJ - Common attack vectors and techniques used by adversaries - Top countries and industry verticals affected by attacks - Recommended mitigation strategies Presenter: Reuben Koh, Director, Security Technology and Strategy, APJ, Akamai Moderator: Garion Kong, CISSP, CCSP, President, (ISC)² Singapore Chapter
-
Web Application and API Attack Trends to Look for in 2023
By:
Type: Talk
With the rise in web applications and APIs, attacks targeting these systems continue to escalate. Cybercriminals are always on the lookout for zero-day vulnerabilities, and new threats are emerging every day. Therefore, it is imperative to stay abreast of the latest attack vectors and mitigation strategies. In this webinar, Akamai presents its research on the top web application and API attack trends. We will share insights on the current attack trends impacting the Asia Pacific and Japan (APJ) region collectively. Our research also covers where adversaries are focusing their attacks on and what their preferred attack techniques are. Join us for this session to understand: - Latest web application and API attack trends in APJ - Common attack vectors and techniques used by adversaries - Top countries and industry verticals affected by attacks - Recommended mitigation strategies Presenter: Reuben Koh, Director, Security Technology and Strategy, APJ, Akamai Moderator: Garion Kong, CISSP, CCSP, President, (ISC)² Singapore Chapter
-
Securing APIs Against Modern Threats with AI
By:
Type: Replay
APIs have become the predominant attack surface for web applications. However, modern web attacks increasingly target the API call flows and the application’s business logic. This makes protecting your APIs more complex – and more important – than ever. Watch IDC Research Director Christopher Rodriguez and Radware’s API Security expert Yaron Azerual discuss the requirements for securing APIs against modern web application threats with AI, the shifting threat landscape, and requirements for protection. The discussion includes: • Why APIs are the prime target for attacks • Why the traditional approach to API security is no longer enough today • How the requirements for API protection have changed, and what are the requirements for modern protection with generative AI • Where the API and AI security landscape is going next, and what you can do to be prepared
-
Securing APIs Against Modern Threats with AI
By:
Type: Replay
APIs have become the predominant attack surface for web applications. However, modern web attacks increasingly target the API call flows and the application’s business logic. This makes protecting your APIs more complex – and more important – than ever. Watch IDC Research Director Christopher Rodriguez and Radware’s API Security expert Yaron Azerual discuss the requirements for securing APIs against modern web application threats with AI, the shifting threat landscape, and requirements for protection. The discussion includes: • Why APIs are the prime target for attacks • Why the traditional approach to API security is no longer enough today • How the requirements for API protection have changed, and what are the requirements for modern protection with generative AI • Where the API and AI security landscape is going next, and what you can do to be prepared
-
Securing APIs Against Modern Threats with AI
By:
Type: Replay
APIs have become the predominant attack surface for web applications. However, modern web attacks increasingly target the API call flows and the application’s business logic. This makes protecting your APIs more complex – and more important – than ever. Watch IDC Research Director Christopher Rodriguez and Radware’s API Security expert Yaron Azerual discuss the requirements for securing APIs against modern web application threats with AI, the shifting threat landscape, and requirements for protection. The discussion includes: • Why APIs are the prime target for attacks • Why the traditional approach to API security is no longer enough today • How the requirements for API protection have changed, and what are the requirements for modern protection with generative AI • Where the API and AI security landscape is going next, and what you can do to be prepared
-
Attacks On Commerce - North America
By:
Type: Replay
Akamai research observed threats against the commerce industry becoming more rampant, with more than 14 billion web application and API attacks in 15 months. Sign up now for our upcoming webinar that examines the attack trends in this industry, such as: • More than 5 trillion malicious bot requests and their potential risks — from credential stuffing attacks to account takeover • Over 30% of phishing attacks targeted commerce brands in Q1 2023 • Dangers of using third-party scripts, like Magecart and web skimming attacks, and how to mitigate them • Critical attack vectors to watch out for in web applications
-
Attacks On Commerce - EMEA
By:
Type: Replay
Akamai research observed threats against the commerce industry becoming more rampant, with more than 14 billion web application and API attacks in 15 months. Sign up now for our upcoming webinar that examines the attack trends in this industry, such as: • More than 5 trillion malicious bot requests and their potential risks — from credential stuffing attacks to account takeover • Over 30% of phishing attacks targeted commerce brands in Q1 2023 • Dangers of using third-party scripts, like Magecart and web skimming attacks, and how to mitigate them • Critical attack vectors to watch out for in web applications
-
Attacks On Commerce - North America
By:
Type: Video
Akamai research observed threats against the commerce industry becoming more rampant, with more than 14 billion web application and API attacks in 15 months. Sign up now for our upcoming webinar that examines the attack trends in this industry, such as: • More than 5 trillion malicious bot requests and their potential risks — from credential stuffing attacks to account takeover • Over 30% of phishing attacks targeted commerce brands in Q1 2023 • Dangers of using third-party scripts, like Magecart and web skimming attacks, and how to mitigate them • Critical attack vectors to watch out for in web applications
-
Attacks On Commerce - EMEA
By:
Type: Video
Akamai research observed threats against the commerce industry becoming more rampant, with more than 14 billion web application and API attacks in 15 months. Sign up now for our upcoming webinar that examines the attack trends in this industry, such as: • More than 5 trillion malicious bot requests and their potential risks — from credential stuffing attacks to account takeover • Over 30% of phishing attacks targeted commerce brands in Q1 2023 • Dangers of using third-party scripts, like Magecart and web skimming attacks, and how to mitigate them • Critical attack vectors to watch out for in web applications
-
Attacks On Commerce - EMEA
By:
Type: Replay
Akamai research observed threats against the commerce industry becoming more rampant, with more than 14 billion web application and API attacks in 15 months. Sign up now for our upcoming webinar that examines the attack trends in this industry, such as: • More than 5 trillion malicious bot requests and their potential risks — from credential stuffing attacks to account takeover • Over 30% of phishing attacks targeted commerce brands in Q1 2023 • Dangers of using third-party scripts, like Magecart and web skimming attacks, and how to mitigate them • Critical attack vectors to watch out for in web applications
-
Addressing API Security in Your DevSecOps Life Cycle
By:
Type: Replay
Organizations face a variety of threats from malicious actors. With the proliferation of web services, APIs are the fastest-growing attack surface in the industry. It's time to act. Join this webinar to get answers to some of the most pressing questions, such as • What are the current industry trends on API usage? • What are the challenges in dealing with application and API security? • What are the solutions to API security challenges? • What is an example of a firm that has adopted an IAST tool for API security?
-
A Deep Dive into SSRF
By:
Type: Video
Server-Side Request Forgery (SSRF) attacks make news. We've heard the stories of victim organizations who report data loss and a lot of negative chatter in the news among technical communities. Malicious actors executing this attack can do so because we create trust relationships between software and systems based on security assumptions. Mitigation advice is everywhere - input validation, zero-trust architecture, safe listing - just to name a few. We've built lessons around strategies to combat SSRF. But why are we choosing those? In this session, you'll learn how attackers abuse trust relationships, identify different types of SSRF attacks and apply appropriate mitigations to secure your environment.
-
Defend against web app and API attacks in Asia-Pacific: Akamai’s report
By:
Type: Video
Apps and APIs are under increasing attack. Learn about the top web application and API attack vectors in Asia-Pacific from Akamai’s State of the Internet report, and how to better protect your organization against these threats. Hear Reuben Koh, Security Technology and Strategy Director (Asia-Pacific and Japan), discuss key attack vectors, OWASP API Top 10 risks, Broken Object Level Authorization, and Broken Authentication, among other vulnerabilities, and share the security measures crucial to safeguarding sensitive data and maintaining business continuity. Also, explore strategies to fortify your defenses, mitigate risks, and secure your digital assets in today's evolving cyberthreat landscape.
-
Next generation cloud security – Streamlining your application and API security
By:
Type: Talk
In today’s connected world, securing web applications and APIs from a wide range of threats is critical for business success. These threats include web app business logic attacks, API abuse, and even sophisticated bot attacks. Securing digital properties amid cloud journeys, modern DevOps practices, and constantly changing applications and APIs also introduces new complexities and challenges. The next generation of cloud security must tailor its defenses against the latest threats, while dynamically mitigating any vulnerabilities from legacy frameworks and technologies. In this webinar, we will discuss how Akamai’s App and API Protector: • Automatically adapts to evolving attacks, including application DDoS attacks • Protects against OWASP top 10 threats • Provides unparalleled bot visibility and mitigation strategies • Supports simplicity in onboarding and maintenance through automated updates, self-tuning, and Akamai’s advanced API capabilities • Empowers both developers and security teams with deep attack visibility
-
Next generation cloud security – Streamlining your application and API security
By:
Type: Replay
In today’s connected world, securing web applications and APIs from a wide range of threats is critical for business success. These threats include web app business logic attacks, API abuse, and even sophisticated bot attacks. Securing digital properties amid cloud journeys, modern DevOps practices, and constantly changing applications and APIs also introduces new complexities and challenges. The next generation of cloud security must tailor its defenses against the latest threats, while dynamically mitigating any vulnerabilities from legacy frameworks and technologies. In this webinar, we will discuss how Akamai’s App and API Protector: • Automatically adapts to evolving attacks, including application DDoS attacks • Protects against OWASP top 10 threats • Provides unparalleled bot visibility and mitigation strategies • Supports simplicity in onboarding and maintenance through automated updates, self-tuning, and Akamai’s advanced API capabilities • Empowers both developers and security teams with deep attack visibility
-
Advanced Insights and Strategies for Application Protection in 2024
By:
Type: Talk
In today’s fast-evolving digital landscape, protecting your applications, APIs and workloads has never been more crucial. From ransomware to zero-day exploits, cyber threats are becoming increasingly sophisticated, targeting vulnerabilities in software applications and APIs to gain unauthorized access to sensitive data and cause widespread disruption to business services. According to our latest research, cyberattacks on web applications and APIs have also surged by 65% in the Asia Pacific and Japan region from Q1 2023 to Q1 2024. It is now imperative that organizations understand more about the threats targeting them so as to pivot their security posture to defend more effectively. On 13 August 2024 join Akamai Technologies and ISC2 for this follow-up session to our earlier webinar on “Effectively Safeguarding Your APIs,” presented to the ISC2 community in early 2024. We’ll share a holistic view of how threat actors are targeting APIs, applications and critical workloads. In this session, you’ll learn about the latest attack trends in Asia Pacific and Japan, including: - The top industries targeted for web application and API attacks -The top 5 methods used in web application attacks -Analysis of different DDoS attack types -Real-world case studies on how enterprises are securing critical workloads -Tips to enhance protection without impeding digital innovation Presenter: Reuben Koh, Director of Security Tech and Strategy, APJ, Akamai Moderator: Anthony Lim, CSSLP, Sub-Commitee Member, ISC2 Singapore Chapter
-
New report: State of Application Security in 2024
By: Cloudflare
Type: eBook
Today’s security practitioners and team leaders are responsible for protecting sensitive customer data and staying vigilant against a wide range of web app attacks and API abuse. Download the State of Application Security in 2024 to discover strategies for securing your web apps and APIs.