LIVE! 2025 API Breaches Workshop  | December 18 @ 12PM ET

API Security Insights and Resources

Stay informed with expert articles, guides, and the latest trends in API security

Financial Services API Security Compliance Guide

December 23, 2025
5 minutes
Dan Barahona
Dan Barahona

API Security Automation Tools and Techniques for DevOps Teams

December 23, 2025
5 minutes
Dan Barahona
Dan Barahona

How to Implement Automated API Security Testing in Development Workflows

December 12, 2025
5 minutes
Dan Barahona
Dan Barahona

API Security Testing for Payment Systems: PSD2 and Open Banking Requirements

December 9, 2025
5 minutes
Dan Barahona
Dan Barahona

JWT Security: Common Vulnerabilities and How to Prevent Token-Based Exploits

December 9, 2025
5 minutes
Dan Barahona
Dan Barahona

API Abuse Detection: Distinguishing Between Bots

December 9, 2025
5 minutes
Dan Barahona
Dan Barahona

Securing Webhook Endpoints: Authentication and Validation Best Practices

December 1, 2025
5 minutes
Dan Barahona
Dan Barahona

API Security in Microservices Architecture: Best Practices

December 1, 2025
5 minutes
Dan Barahona
Dan Barahona

GraphQL Security Testing: Complete Guide for Developers

December 1, 2025
5 minutes
Dan Barahona
Dan Barahona

REST API Security Best Practices Every Developer Should Know

December 1, 2025
5 minutes
Dan Barahona
Dan Barahona

Complete API Penetration Testing Checklist for Security Teams

December 1, 2025
5 minutes
Dan Barahona
Dan Barahona

SSRF Explained: OWASP API Security Principle 7 Made Simple

November 19, 2025
5 minutes
Dan Barahona
Dan Barahona

Unrestricted Business Flows: OWASP Principle 6 Explained

November 19, 2025
5 minutes
Dan Barahona
Dan Barahona

Instagram API Breach: Lessons on Sensitive Business Flows

November 19, 2025
5 minutes
Dan Barahona
Dan Barahona

BFLA Explained: Securing API Functions from Abuse

November 19, 2025
5 minutes
Dan Barahona
Dan Barahona

BOPLA Explained: Prevent Mass Assignment & Data Exposure

November 19, 2025
5 minutes
Dan Barahona
Dan Barahona

Preventing Resource Abuse: Protect APIs from Harvesting

November 19, 2025
5 minutes
Dan Barahona
Dan Barahona

Inside the Peloton Breach: Broken Authentication Lessons

November 19, 2025
5 minutes
Dan Barahona
Dan Barahona

Understanding Security Misconfiguration in APIs: OWASP 8 Explained

November 19, 2025
5 minutes
Dan Barahona
Dan Barahona

Improper Inventory Management in APIs: OWASP 9 Explained

November 19, 2025
5 minutes
Dan Barahona
Dan Barahona

Unsafe API Consumption: Securing Third-Party Integrations

November 19, 2025
5 minutes
Dan Barahona
Dan Barahona

Broken Authentication Explained: OWASP API Principle 2

November 19, 2025
5 minutes
Dan Barahona
Dan Barahona

Are Free API Scanners Actually Worth It?

November 19, 2025
5 minutes
Dan Barahona
Dan Barahona

How to Choose the Right API Pen-Testing Tool

November 19, 2025
5 minutes
Dan Barahona
Dan Barahona

Real-World Lessons of Broken Object Level Authorization (BOLA)

November 19, 2025
5 minutes
Dan Barahona
Dan Barahona

BOLA Explained: OWASP API Security Principle 1 for Teams

November 19, 2025
5 minutes
Dan Barahona
Dan Barahona

Real-World API Security Breaches: Lessons from Major Attacks

November 19, 2025
5 minutes
Dan Barahona
Dan Barahona

AppSec Tech Landscape: Strengths, Gaps & What Teams Need

November 19, 2025
5 minutes
Dan Barahona
Dan Barahona

The Three Pillars of Modern API Security

November 19, 2025
5 minutes
Dan Barahona
Dan Barahona

API Security Fundamentals: Core Principles for Modern Apps

November 19, 2025
5 minutes
Dan Barahona
Dan Barahona

API Failure: 7 Causes and How to Fix Them

November 17, 2025
5 minutes
Dan Barahona
Dan Barahona

Which API Security Testing Tool Should I Choose

November 17, 2025
5 minutes
Dan Barahona
Dan Barahona

CI/CD API Security: A Complete Automation Guide

November 17, 2025
5 minutes
Dan Barahona
Dan Barahona

API Security Mistakes That Lead to Data Breaches

November 17, 2025
5 minutes
Dan Barahona
Dan Barahona

How to Detect Business Logic Vulnerabilities in API

November 14, 2025
5 minutes
Dan Barahona
Dan Barahona

Why Do APIs Keep Getting Hacked

November 14, 2025
5 minutes
Dan Barahona
Dan Barahona

When Do You Need API Penetration Testing for Your Applications

November 14, 2025
5 minutes
Dan Barahona
Dan Barahona

API Vulnerability Scanning vs Penetration Testing: Key Differences

November 14, 2025
5 minutes
Dan Barahona
Dan Barahona

Why Automated API Testing Tools Are Better Than Manual Testing

November 14, 2025
5 minutes
Dan Barahona
Dan Barahona

Can Automated API Security Testing Replace Security Code Reviews

November 14, 2025
5 minutes
Dan Barahona
Dan Barahona

How Does Automated API Endpoint Testing Improve Security Coverage

November 14, 2025
5 minutes
Dan Barahona
Dan Barahona

API Fuzzing for Security Testing: Complete Guide

October 22, 2025
5 minutes
Dan Barahona
Dan Barahona

API Auth Best Practices: Strong Authentication & Authorization

October 21, 2025
5 minutes
Dan Barahona
Dan Barahona

Fixing Broken API Authentication: Detection & Prevention

October 21, 2025
5 minutes
Dan Barahona
Dan Barahona

API Endpoint Guide: Architecture, Security & Best Practices

October 21, 2025
5 minutes
Dan Barahona
Dan Barahona

Difference Between SAST and DAST: Key Insights & Tools

October 21, 2025
5 minutes
Dan Barahona
Dan Barahona

Troubleshooting Guide for API Failure: Common Causes & Solutions

October 21, 2025
5 minutes
Dan Barahona
Dan Barahona

API Security Orchestration: Automating Response & Remediation

October 21, 2025
5 minutes
Dan Barahona
Dan Barahona

Prompt Injection and LLM API Security Risks | Protect Your AI

October 17, 2024
5 minutes
Dan Barahona
Dan Barahona

Secure Your Shadow APIs: Best Practices for API Discovery

October 17, 2025
5 minutes
Dan Barahona
Dan Barahona

Zero Trust API Security: Upgrade Your Cyber Defense Today

October 17, 2025
5 minutes
Dan Barahona
Dan Barahona

BOLA Explained: The Threat No One’s Testing

April 21, 2025
5 minutes
Jesse Freeman
Jesse Freeman

Software-Defined Vehicles: Are Your APIs Driving You Into Risk?

February 19, 2025
5 minutes
Dan Barahona
Dan Barahona

APIsec presents the 2024 API Security Market Report

March 13, 2024
5 minutes
Shelby Matthews
Shelby Matthews

Internal APIs at Risk: Why Testing Matters

March 4, 2024
5 minutes
Stacey Levine
Stacey Levine

2024 API Security Best Practices

January 8, 2024
5 minutes
Dan Barahona
Dan Barahona

Upcoming DSS 4.0 Deadline for PCI Compliance

January 3, 2024
5 minutes
Shelby Matthews
Shelby Matthews

Inside the Edulog Breach: Lessons on BOLA & API Risk

December 15, 2023
5 minutes
Shelby Matthews
Shelby Matthews

2023 OWASP API Top Ten

December 12, 2023
5 minutes
Shelby Matthews
Shelby Matthews

HIPAA vs Cures Act: Navigating Privacy & Interoperability

March 21, 2023
5 minutes
Christine Bevilacqua
Christine Bevilacqua

How to Choose an API Security Tech Stack

November 15, 2022
5 minutes
Dan Barahona
Dan Barahona

Top 5 Burp Suite Alternatives for API Security Testing

November 15, 2022
5 minutes
Dan Barahona
Dan Barahona

Burp vs ZAP: Which Finds More API Bugs?

November 14, 2022
5 minutes
Dan Barahona
Dan Barahona

OCC 2023 Plan: What It Means for Banks & FinTech Security

November 7, 2022
5 minutes
Dan Barahona
Dan Barahona

Best Pen-Testing Tools for Modern APIs

September 16, 2022
5 minutes
Dan Barahona
Dan Barahona

API Testing Automation: How It Transforms DevSecOps

July 19, 2022
5 minutes
Dan Barahona
Dan Barahona

The Hidden Risks of API Monitoring That Leave APIs More Vulnerable

July 12, 2022
5 minutes
Dan Barahona
Dan Barahona

Shift Left Security: The Ultimate Guide

March 31, 2024
5 minutes
Dan Barahona
Dan Barahona

Shift Left for DevOps: Key Benefits and 5 Best Practices to Follow

May 19, 2022
5 minutes
Dave Piskai
Dave Piskai

Shift-Left vs Traditional Testing: Choosing the Best Approach

May 16, 2022
5 minutes
Dan Barahona
Dan Barahona

What is Broken Object Level Authorization (BOLA) and How to Fix It

May 11, 2022
5 minutes
Dan Barahona
Dan Barahona

Penetration Testing Best Practices for Every Stage of Testing

May 13, 2022
5 minutes
Dan Barahona
Dan Barahona

Business Logic Flaws in APIs: The Silent Threat

May 5, 2022
5 minutes
Dan Barahona
Dan Barahona

HTTP Verb Tampering: Key Risks and Fixes

May 2, 2022
5 minutes
Wesley Meier
Wesley Meier

Sensitive Data Exposure: What It Is and How to Avoid It

April 20, 2022
5 minutes
Dan Barahona
Dan Barahona

Generate Flawless OpenAPI Specs & Secure APIs

October 28, 2022
5 minutes
Dave Piskai
Dave Piskai

How to Address Business Logic Flaws During Application Design

April 12, 2022
5 minutes
Dan Barahona
Dan Barahona

Business Logic vs Application Logic: Key Differences

April 10, 2022
5 minutes
Wesley Meier
Wesley Meier

5 Real Business Logic Failures That Led to Major Breaches

April 7, 2022
5 minutes
Dan Barahona
Dan Barahona

Why Business Logic Vulnerabilities Are Your #1 API Security Risk

February 3, 2024
5 minutes
Dan Barahona
Dan Barahona

Improper Asset Management: Hidden API Risks Explained

March 28, 2022
5 minutes
Dan Barahona
Dan Barahona

What Is a Business Logic Layer?

March 25, 2022
5 minutes
Dan Barahona
Dan Barahona

Fintech API Security Checklist: Avoid Disaster

March 21, 2022
5 minutes
Dan Barahona
Dan Barahona

Banking APIs: Closing the Door on Fraud

March 17, 2022
5 minutes
Dan Barahona
Dan Barahona

Fintech APIs: Are You Leaking Money & Data?

March 15, 2022
5 minutes
Dan Barahona
Dan Barahona

Vulnerability Scanning for APIs: What You’re Missing

March 12, 2022
5 minutes
Dan Barahona
Dan Barahona

5 Best Web Application and API Vulnerability Scanners in 2022

March 9, 2022
5 minutes
Dan Barahona
Dan Barahona

Top 5 Best API Documentation Tools to Help Improve Adoption Rates

March 5, 2022
5 minutes
Dan Barahona
Dan Barahona

What Is OAuth 2.0 and How Does It Work?

November 3, 2025
5 minutes
Dan Barahona
Dan Barahona

Top API Security Testing Tools You Need Now

February 24, 2022
5 minutes
Dan Barahona
Dan Barahona

API Test Automation: What It Is & How It Improves DevSecOps

February 20, 2022
5 minutes
Dan Barahona
Dan Barahona

API Security Checklist: What You Need To Know

February 19, 2022
5 minutes
Dan Barahona
Dan Barahona

Excessive Data Exposure: Are Your APIs Over-Sharing?

February 15, 2022
5 minutes
Dan Barahona
Dan Barahona

3 Steps for an Effective API Testing Process

February 13, 2022
5 minutes
Dan Barahona
Dan Barahona

API Security Best Practices: Stop Breaches Before They Start

February 9, 2022
5 minutes
Dan Barahona
Dan Barahona

MuleSoft API Security Best Practices Your Dev Needs to Know About

February 8, 2022
5 minutes
Dan Barahona
Dan Barahona

The Hidden Cost of Late API Bug Discovery

February 5, 2022
5 minutes
Dan Barahona
Dan Barahona

Why APIs Are Quietly Your Largest Risk

February 2, 2022
5 minutes
Dan Barahona
Dan Barahona

What Is API Privacy and How to Protect Your Sensitive Data

January 29, 2022
5 minutes
Dan Barahona
Dan Barahona

API Security Glossary

January 26, 2022
5 minutes
Dan Barahona
Dan Barahona