APISEC|CON 2026  | February 12 @ 10AM ETAPIsec website image

API Security Insights and Resources

Stay informed with expert articles, guides, and the latest trends in API security

How to Automate API Discovery with Extensions

January 13, 2026
5 minutes
APIsec blog article cover image
Dan Barahona

What Is an API Call?

January 13, 2026
5 minutes
APIsec blog article cover image
Dan Barahona

Build Your API Inventory Automatically as You Browse

January 12, 2026
5 minutes
APIsec blog article cover image
Dan Barahona

OAuth 2.0 Common Security Flaws and Prevention Techniques

December 24, 2025
5 minutes
APIsec blog article cover image
Dan Barahona

API Rate Limiting Strategies: Preventing DDoS and Resource Exhaustion

December 24, 2025
5 minutes
APIsec blog article cover image
Dan Barahona

Open Source vs Commercial API Security Scanners Compared

December 24, 2025
5 minutes
APIsec blog article cover image
Dan Barahona

Financial Services API Security Compliance Guide

December 23, 2025
5 minutes
APIsec blog article cover image
Dan Barahona

API Security Automation Tools and Techniques for DevOps Teams

December 23, 2025
5 minutes
APIsec blog article cover image
Dan Barahona

How to Implement Automated API Security Testing in Development Workflows

December 12, 2025
5 minutes
APIsec blog article cover image
Dan Barahona

API Security Testing for Payment Systems: PSD2 and Open Banking Requirements

December 9, 2025
5 minutes
APIsec blog article cover image
Dan Barahona

JWT Security: Common Vulnerabilities and How to Prevent Token-Based Exploits

December 9, 2025
5 minutes
APIsec blog article cover image
Dan Barahona

API Abuse Detection: Distinguishing Between Bots

December 9, 2025
5 minutes
APIsec blog article cover image
Dan Barahona

Securing Webhook Endpoints: Authentication and Validation Best Practices

December 1, 2025
5 minutes
APIsec blog article cover image
Dan Barahona

API Security in Microservices Architecture: Best Practices

December 1, 2025
5 minutes
APIsec blog article cover image
Dan Barahona

GraphQL Security Testing: Complete Guide for Developers

December 1, 2025
5 minutes
APIsec blog article cover image
Dan Barahona

REST API Security Best Practices Every Developer Should Know

December 1, 2025
5 minutes
APIsec blog article cover image
Dan Barahona

Complete API Penetration Testing Checklist for Security Teams

December 1, 2025
5 minutes
APIsec blog article cover image
Dan Barahona

SSRF Explained: OWASP API Security Principle 7 Made Simple

November 19, 2025
5 minutes
APIsec blog article cover image
Dan Barahona

Unrestricted Business Flows: OWASP Principle 6 Explained

November 19, 2025
5 minutes
APIsec blog article cover image
Dan Barahona

Instagram API Breach: Lessons on Sensitive Business Flows

November 19, 2025
5 minutes
APIsec blog article cover image
Dan Barahona

BFLA Explained: Securing API Functions from Abuse

November 19, 2025
5 minutes
APIsec blog article cover image
Dan Barahona

BOPLA Explained: Prevent Mass Assignment & Data Exposure

November 19, 2025
5 minutes
APIsec blog article cover image
Dan Barahona

Preventing Resource Abuse: Protect APIs from Harvesting

November 19, 2025
5 minutes
APIsec blog article cover image
Dan Barahona

Inside the Peloton Breach: Broken Authentication Lessons

November 19, 2025
5 minutes
APIsec blog article cover image
Dan Barahona

Understanding Security Misconfiguration in APIs: OWASP 8 Explained

November 19, 2025
5 minutes
APIsec blog article cover image
Dan Barahona

Improper Inventory Management in APIs: OWASP 9 Explained

November 19, 2025
5 minutes
APIsec blog article cover image
Dan Barahona

Unsafe API Consumption: Securing Third-Party Integrations

November 19, 2025
5 minutes
APIsec blog article cover image
Dan Barahona

Broken Authentication Explained: OWASP API Principle 2

November 19, 2025
5 minutes
APIsec blog article cover image
Dan Barahona

Are Free API Scanners Actually Worth It?

November 19, 2025
5 minutes
APIsec blog article cover image
Dan Barahona

How to Choose the Right API Pen-Testing Tool

November 19, 2025
5 minutes
APIsec blog article cover image
Dan Barahona

Real-World Lessons of Broken Object Level Authorization (BOLA)

November 19, 2025
5 minutes
APIsec blog article cover image
Dan Barahona

BOLA Explained: OWASP API Security Principle 1 for Teams

November 19, 2025
5 minutes
APIsec blog article cover image
Dan Barahona

Real-World API Security Breaches: Lessons from Major Attacks

November 19, 2025
5 minutes
APIsec blog article cover image
Dan Barahona

AppSec Tech Landscape: Strengths, Gaps & What Teams Need

November 19, 2025
5 minutes
APIsec blog article cover image
Dan Barahona

The Three Pillars of Modern API Security

November 19, 2025
5 minutes
APIsec blog article cover image
Dan Barahona

API Security Fundamentals: Core Principles for Modern Apps

November 19, 2025
5 minutes
APIsec blog article cover image
Dan Barahona

API Failure: 7 Causes and How to Fix Them

November 17, 2025
5 minutes
APIsec blog article cover image
Dan Barahona

Which API Security Testing Tool Should I Choose

November 17, 2025
5 minutes
APIsec blog article cover image
Dan Barahona

CI/CD API Security: A Complete Automation Guide

November 17, 2025
5 minutes
APIsec blog article cover image
Dan Barahona

API Security Mistakes That Lead to Data Breaches

November 17, 2025
5 minutes
APIsec blog article cover image
Dan Barahona

How to Detect Business Logic Vulnerabilities in API

November 14, 2025
5 minutes
APIsec blog article cover image
Dan Barahona

Why Do APIs Keep Getting Hacked

November 14, 2025
5 minutes
APIsec blog article cover image
Dan Barahona

When Do You Need API Penetration Testing for Your Applications

November 14, 2025
5 minutes
APIsec blog article cover image
Dan Barahona

API Vulnerability Scanning vs Penetration Testing: Key Differences

November 14, 2025
5 minutes
APIsec blog article cover image
Dan Barahona

Why Automated API Testing Tools Are Better Than Manual Testing

November 14, 2025
5 minutes
APIsec blog article cover image
Dan Barahona

Can Automated API Security Testing Replace Security Code Reviews

November 14, 2025
5 minutes
APIsec blog article cover image
Dan Barahona

How Does Automated API Endpoint Testing Improve Security Coverage

November 14, 2025
5 minutes
APIsec blog article cover image
Dan Barahona

API Fuzzing for Security Testing: Complete Guide

October 22, 2025
5 minutes
APIsec blog article cover image
Dan Barahona

API Auth Best Practices: Strong Authentication & Authorization

October 21, 2025
5 minutes
APIsec blog article cover image
Dan Barahona

Fixing Broken API Authentication: Detection & Prevention

October 21, 2025
5 minutes
APIsec blog article cover image
Dan Barahona

API Endpoint Guide: Architecture, Security & Best Practices

October 21, 2025
5 minutes
APIsec blog article cover image
Dan Barahona

Difference Between SAST and DAST: Key Insights & Tools

October 21, 2025
5 minutes
APIsec blog article cover image
Dan Barahona

Troubleshooting Guide for API Failure: Common Causes & Solutions

October 21, 2025
5 minutes
APIsec blog article cover image
Dan Barahona

API Security Orchestration: Automating Response & Remediation

October 21, 2025
5 minutes
APIsec blog article cover image
Dan Barahona

Prompt Injection and LLM API Security Risks | Protect Your AI

October 17, 2024
5 minutes
APIsec blog article cover image
Dan Barahona

Secure Your Shadow APIs: Best Practices for API Discovery

October 17, 2025
5 minutes
APIsec blog article cover image
Dan Barahona

Zero Trust API Security: Upgrade Your Cyber Defense Today

October 17, 2025
5 minutes
APIsec blog article cover image
Dan Barahona

BOLA Explained: The Threat No One’s Testing

April 21, 2025
5 minutes
APIsec blog article cover image
Jesse Freeman

Software-Defined Vehicles: Are Your APIs Driving You Into Risk?

February 19, 2025
5 minutes
APIsec blog article cover image
Dan Barahona

APIsec presents the 2024 API Security Market Report

March 13, 2024
5 minutes
APIsec blog article cover image
Shelby Matthews

Internal APIs at Risk: Why Testing Matters

March 4, 2024
5 minutes
APIsec blog article cover image
Stacey Levine

2024 API Security Best Practices

January 8, 2024
5 minutes
APIsec blog article cover image
Dan Barahona

Upcoming DSS 4.0 Deadline for PCI Compliance

January 3, 2024
5 minutes
APIsec blog article cover image
Shelby Matthews

Edulog API Breach Explained: BOLA Risks & Fixes

December 15, 2023
5 minutes
APIsec blog article cover image
Shelby Matthews

2023 OWASP API Top Ten

December 12, 2023
5 minutes
APIsec blog article cover image
Shelby Matthews

HIPAA vs Cures Act: Navigating Privacy & Interoperability

March 21, 2023
5 minutes
APIsec blog article cover image
Christine Bevilacqua

How to Choose an API Security Tech Stack

November 15, 2022
5 minutes
APIsec blog article cover image
Dan Barahona

Top 5 Burp Suite Alternatives for API Security Testing

November 15, 2022
5 minutes
APIsec blog article cover image
Dan Barahona

Burp vs ZAP: Which Finds More API Bugs?

November 14, 2022
5 minutes
APIsec blog article cover image
Dan Barahona

OCC 2023 Plan: What It Means for Banks & FinTech Security

November 7, 2022
5 minutes
APIsec blog article cover image
Dan Barahona

Best Pen-Testing Tools for Modern APIs

September 16, 2022
5 minutes
APIsec blog article cover image
Dan Barahona

API Testing Automation: How It Transforms DevSecOps

July 19, 2022
5 minutes
APIsec blog article cover image
Dan Barahona

The Hidden Risks of API Monitoring That Leave APIs More Vulnerable

July 12, 2022
5 minutes
APIsec blog article cover image
Dan Barahona

Shift Left Security: The Ultimate Guide

March 31, 2024
5 minutes
APIsec blog article cover image
Dan Barahona

Shift Left for DevOps: Key Benefits and 5 Best Practices to Follow

May 19, 2022
5 minutes
APIsec blog article cover image
Dave Piskai

Shift-Left vs Traditional Testing: Choosing the Best Approach

May 16, 2022
5 minutes
APIsec blog article cover image
Dan Barahona

What is Broken Object Level Authorization (BOLA) and How to Fix It

May 11, 2022
5 minutes
APIsec blog article cover image
Dan Barahona

Penetration Testing Best Practices for Every Stage of Testing

May 13, 2022
5 minutes
APIsec blog article cover image
Dan Barahona

Business Logic Flaws in APIs: The Silent Threat

May 5, 2022
5 minutes
APIsec blog article cover image
Dan Barahona

HTTP Verb Tampering: Key Risks and Fixes

May 2, 2022
5 minutes
APIsec blog article cover image
Wesley Meier

Sensitive Data Exposure: What It Is and How to Avoid It

April 20, 2022
5 minutes
APIsec blog article cover image
Dan Barahona

How to Generate OpenAPI (OAS) Specs for REST APIs

October 28, 2022
5 minutes
APIsec blog article cover image
Dave Piskai

How to Address Business Logic Flaws During Application Design

April 12, 2022
5 minutes
APIsec blog article cover image
Dan Barahona

Business Logic vs Application Logic in APIs

April 10, 2022
5 minutes
APIsec blog article cover image
Wesley Meier

5 Real Business Logic Failures That Led to Major Breaches

April 7, 2022
5 minutes
APIsec blog article cover image
Dan Barahona

Why Business Logic Vulnerabilities Are Your #1 API Security Risk

February 3, 2024
5 minutes
APIsec blog article cover image
Dan Barahona

Improper Asset Management: Hidden API Risks Explained

March 28, 2022
5 minutes
APIsec blog article cover image
Dan Barahona

What Is a Business Logic Layer?

March 25, 2022
5 minutes
APIsec blog article cover image
Dan Barahona

Fintech API Security Checklist: Avoid Disaster

March 21, 2022
5 minutes
APIsec blog article cover image
Dan Barahona

Banking APIs: Closing the Door on Fraud

March 17, 2022
5 minutes
APIsec blog article cover image
Dan Barahona

Fintech APIs: Are You Leaking Money and Data?

March 15, 2022
5 minutes
APIsec blog article cover image
Dan Barahona

Vulnerability Scanning for APIs: What You’re Missing

March 12, 2022
5 minutes
APIsec blog article cover image
Dan Barahona

5 Best Web Application and API Vulnerability Scanners in 2022

March 9, 2022
5 minutes
APIsec blog article cover image
Dan Barahona

Top 5 Best API Documentation Tools to Help Improve Adoption Rates

March 5, 2022
5 minutes
APIsec blog article cover image
Dan Barahona

What Is OAuth 2.0 and How Does It Work?

November 3, 2025
5 minutes
APIsec blog article cover image
Dan Barahona

Top API Security Testing Tools You Need Now

February 24, 2022
5 minutes
APIsec blog article cover image
Dan Barahona

API Test Automation: What It Is & How It Improves DevSecOps

February 20, 2022
5 minutes
APIsec blog article cover image
Dan Barahona

API Security Checklist: What You Need To Know

February 19, 2022
5 minutes
APIsec blog article cover image
Dan Barahona

Excessive Data Exposure: Are Your APIs Over-Sharing?

February 15, 2022
5 minutes
APIsec blog article cover image
Dan Barahona

3 Steps for an Effective API Testing Process

February 13, 2022
5 minutes
APIsec blog article cover image
Dan Barahona