Systems | Development | Analytics | API | Testing

The OWASP API Security Top 10 identifies the top API vulnerabilities that pose the greatest risk to mobile, web and SaaS applications as well as internal, partner and external API programs, highlighting which vulnerabilities must be detected and mitigated promptly. Gartner predicts that APIs that expose private information such as Personally Identifiable Information (PII) will be the most common attack vector in 2022.

In our previous blog posts, we’ve covered the core components, orchestration capabilities and automated analysis and ChatOps features in our in-house Security Orchestration, Automation & Response (SOAR) application. In this final blog post, we will briefly cover one of the system’s automated response capabilities that allow it to take action and respond to alerts without human intervention, and close out the blog series with two important lessons learned from implementing SOAR at Appian.

There are many excellent authorization libraries for Rails, but did you know it's not that hard to build this functionality yourself? In this article, Renata Marques shows us how to use the Policy Object Pattern to implement access control in our Rails apps.

A few weeks ago I saw this message in our internal support channel on Slack, and it made my gears grind. So I stopped to take a look, since the last thing we want is a customer taken advantage of. There are people out there on the internet cheeky enough to freeload off your account, and use up your monthly quotas. What's more: you may not know that it is happening.

Keeping your dependencies up-to-date is essential to ensure that your applications stay healthy, secure, and performant. Thankfully, the BEAM ecosystem has its own package manager, Hex, which is fast, mature, and simple to use. This article explores the available tools and commands to manage Hex dependencies and some tips to make the process more enjoyable. Let's dive in!