2023 was a rough year for data security. A quick look at the biggest hacks of this year reveals some very disturbing information and trends. There were many specific hacks and data breaches that malicious actors were able to accomplish. Cybercrime skyrocketed in 2023. The rise in cybercrime was fueled largely by the continued COVID-19 pandemic and the work-from-home measures taken by countless businesses. According to one report, cybercrime increased 600%.

Design, speed, and simplicity are the winning flavors for any mobile banking app. By possessing these characteristics, the fintech app can entice any smartphone enthusiast, the number of whom is steadily increasing. The industry’s major mobile app development company players recognize that the pervasiveness of mobile phones in our lives must be used as a tool to win loyal users for FinTech businesses.

API gateways serve as the final checkpoint for your APIs. As such, gateway configuration is critical to ensuring that your APIs remain secure, available, and responsive. Ensuring that all changes to these configurations are intentional and follow your organization's best practices is key to maintaining a robust API gateway deployment. decK 1.28 adds a brand new feature that allows you to natively validate your gateway configurations against custom rule sets.

In 2022, Marriott, the renowned global hotel and resort company, fell victim to a cunning social engineering attack. During this security breach, cyber attackers successfully exfiltrated a staggering 20 gigabytes of highly sensitive customer data, including personal information and credit card numbers. In that very year, InterContinental Hotels Group (IHG) found itself in the crosshairs of a cyberattack that effectively crippled its booking systems and rendered its mobile apps inoperative.

When building an app, you'll probably need to handle user authentication in one form or another. In Rails applications, several pre-built libraries and gems make it a breeze to build user authentication including well-known libraries like Devise, Doorkeeper and OmniAuth. These libraries work well out of the box, but there's a caveat, as developers must follow certain configuration and design rules for each library.

Generative artificial intelligence represents a category of AI that utilizes generative models to produce text, images, or other forms of media. These models grasp the intricacies and structure of their input training data, enabling them to generate new data with similar characteristics. In insurance, generative AI plays a pivotal role in expediting digitization processes.

In token-based architecture, tokens represent the client’s entitlement to access protected resources. Access tokens (or bearer tokens as they're commonly known) are issued by authorization servers after successful user authentication. The tokens are passed as credentials in the request to the target APIs which inform the API that the bearer of the token is authorized to access the API and perform certain actions.

Cyberattacks are terrifying because of their potential to wreak havoc on a massive scale. The interconnectedness that the internet provides can totally be exploited. Quality assurance teams around the world have to be prepared against such disastrous scenarios, so they sometimes launch authorized cyberattacks on their own systems to check for vulnerabilities. This process is known as penetration testing, or pen testing for short.

Kong Gateway Enterprise 3.5 is packed with security features to support the use cases demanded by our enterprise customers through major improvements in Secrets Management integrations and our Open-ID Connect (OIDC) plugin. Additionally, we’ve added key security updates for a few of our AWS integrations.