In our previous blog posts covering our in-house Security Orchestration, Automation & Response (SOAR) application, we described the basic building blocks for the system and the steps we took to orchestrate interactions between a number of security tools. While building orchestration, we already introduced a significant amount of Automation powering features like threat intelligence collection and event polling.

Has your company faced a ransomware attack yet? If not, count yourself lucky, for now. A June 2021 article in Cybersecurity Ventures predicts that ransomware will cost its victims approximately $265 billion annually by 2031. And, according to CRN, “Victims of the 10 biggest cyber and ransomware attacks of 2021 were hit with ransom demands totaling nearly $320 million.”

Bringing you closer to DevSecOps, the brand new 'Scan with AppSweep' Step on Bitrise makes your apps more secure with continuous security assurance.

It’s fair to say that the pandemic has not only wreaked havoc on how individuals live their daily lives but also on how they work. The global changes led to an immediate shift to remote working and unfortunately, not all enterprises were prepared for it. Companies did not have adequate time to prepare and allocate necessary security resources to ensure strong network and device protection for employees working remotely.

API security starts with authentication and authorization, then data security and availability. In this post, I will review security considerations for an API gateway and how the capabilities of the Kong Gateway address them. First, let’s review different aspects of API security in detail.