Traceable

Is your API security giving you nightmares? 👻 Join us for a 30-minute technical demo of Traceable’s API Security platform this Halloween on Thursday, October 31 at 10am PDT/1pm PDT — no sales pitch involved. 🎃 Secure your spot today! https://bit.ly/4g7wKTj

ICYMI: Our team recently published the API Security Blueprint for Product and Application Security leaders, and it's definitely worth a read! This latest guide cuts through the complexity, offering a clear pathway to strengthen your API security posture. Here's what you’ll get: 👉 https://lnkd.in/eUk5xVK8 🔸 Actionable Strategies: Learn how to adapt your security programs to modern API-driven architectures. 🔸 Risk Prioritization: Discover effective methods to manage vulnerabilities and prioritize fixes based on real risk. 🔸 Threat Readiness: Stay ahead of the constantly evolving threat landscape with insights tailored to your challenges. 🔸 Lifecycle Coverage: Understand your team’s role and responsibilities throughout the API security lifecycle. Download the guide now and ensure your organization is prepared for the complexities of modern API security.

Whether you're new to API security or a seasoned pro, there's always more to learn! Katie Paxton-Fear’s API Masterclass Series has already delivered six action-packed sessions for API security practitioners who want to level up their skills—you don't want to miss these! Here's the latest: Episode 6: Recognizing and Responding to API Breaches 🔑 We’ve hacked APIs, broken down the OWASP API Top 10, and even built security programs from scratch. But what happens when something sneaky bypasses your defenses? In this episode, we cover the critical next step: incident response. 🙌 💥 Key Takeaways 💥 📊 How to implement logging and alerts for real-time breach detection. 🛡️ Strategies to validate attacks and take immediate action. 🏦 Build an incident response plan using a simulated banking scenario! These masterclasses are interactive sessions packed with practical insights. Whether you're on the blue team, an API hacker, or a developer protecting your code, Katie’s got you covered! 🔍 Ready to join us? Check out the series and sign up for a class! 🚀 https://bit.ly/4eCWSEt

#ThrowbackThursday ICYMI: Earlier this year at RSA, our Co-Founder and CTO, Sanjay Nagaraj, sat down with the NYSE to discuss Traceable's mission to secure APIs—the backbone of all modern applications. 🚀 In the interview, Sanjay highlights: 📈 The surge in demand for API security, driven by the rise of API-driven businesses. 🤖 Traceable's AI-powered platform that protects and tests APIs at runtime, helping organizations secure their most critical assets efficiently. 🛡️ Exciting new features rolling out to secure GenAI applications, including protecting against prompt injection and shadow AI risks. Catch the full conversation and learn how we're shaping the future of API security. 👇 https://bit.ly/4eTuFtj

ServiceNow’s vulnerabilities (CVE-2024-4879, CVE-2024-5178, CVE-2024-5217) can expose your organization to serious threats. Here’s what you need to know: 🔑 Server-Side Template Injection Risks: Critical vulnerabilities in ServiceNow's platform open the door to remote code execution, potentially leading to data theft and denial of service. 🔑 Apache Jelly Exploit: Double evaluation of user input via g: and j: tags can be exploited to bypass input sanitization and execute malicious code. 🔑 Sensitive File Access: Bypassing ServiceNow’s access controls allows actors to read sensitive files, including database credentials. ➡️ Read more and learn how to stay secure: https://bit.ly/3XRFmGk

At Traceable, we’re tuning in to our partner Cycode | Complete ASPM’s flagship event, ASPM Nation, tomorrow October 9th! You can sign up for free here: https://lnkd.in/esKzJTt4 AppSec is truly a team sport! Our partnership brings together the best of Traceable's API discovery and protection capabilities with Cycode's comprehensive visibility into the SDLC. There will be a ton of actionable takeaways - take a sneak peek at the agenda: 💥 Get a blueprint for your ASPM program and reset AppSec as you know it 💥 Unmissable leadership lessons from industry giants 💥 Bridge the security-developer divide #aspm #developersecurity #applicationsecurity #appsec #cybersecurity #apisecurity

PCI DSS 4.0 is here, and it's essential for businesses to stay compliant to protect sensitive payment data. In her latest article, Katie Paxton-Fear, API Security Researcher at Traceable, simplifies what you need to know. Here are the key takeaways: 🛡️ Network security – Clear policies, restricted access, and regular updates are critical. 🔐 Protect account data – Minimize storage, encrypt data, and limit access. 📉 Vulnerability management – Scan for vulnerabilities, update software, and remediate quickly. 🔒 Access control – Limit access to payment data by default and secure both digital and physical systems. 🖥️ Monitor and test – Regular audits and tests keep your systems secure. 📝 Information security policy – Ensure constant compliance and maintain strong, documented policies. 👇 Get the latest here: https://lnkd.in/esiJT3GP

Richard Bird is coming at you again! This time for Singapore's GovWare 2024, the premier cybersecurity event in Asia! 🌐 📢 Join Richard on October 17th, at the Sands Expo and Convention Centre as he presents on API security and its vital importance for government and enterprise technology. Don’t miss out on this opportunity to hear one of the industry’s most respected thought leaders share his insights on securing digital infrastructure! 🗓 October 17th, 2024 📍 GovWare Singapore, Sands Expo and Convention Centre, Singapore 👉 https://www.govware.sg/

Generative AI is transforming industries, but many security teams are still in “listen and learn” mode. As companies explore use cases and infrastructure, security can’t take a backseat. In our latest blog, we outline a Crawl - Walk - Run strategy for securing generative AI-enabled applications: 🚶 Crawl: Discover generative AI in your applications, starting with comprehensive API visibility. 🏃♂️ Walk: Assess and manage the security posture of your generative AI APIs. 🏆 Run: Implement runtime protection for continuous monitoring and threat detection. Learn how Traceable’s new Generative AI API Discovery makes securing AI simple and accessible for all. Read more here 👉 https://bit.ly/3XqYz0b

Traceable is a proud Cybersecurity Awareness Month Champion! This international initiative, led by the Cybersecurity and Infrastructure Security Agency (CISA) and the National Cybersecurity Alliance, empowers individuals and businesses to protect their data from cybercrime and stay safe online. This year's theme focuses on online safety, reminding us that simple, effective steps can protect personal data and secure our world—even amidst large-scale data breaches and cyberattacks. At Traceable, we believe online safety starts with securing the digital infrastructure that powers everything we do. That's why we're laser-focused on protecting APIs, the backbone of modern applications, from cyber threats. Whether it’s safeguarding sensitive data or defending against attacks, API security is essential to the broader mission of keeping everyone safe online. Throughout October, we’ll be sharing insights and practical steps to strengthen your security posture and protect your APIs. Stay tuned!