AI & API Security Blog

You'll find useful content about AI & API security, the cybersecurity landscape, news, events and much more updated regularly here.

What You Don’t Log Will Hurt You
Featured
August 28, 2025

What You Don’t Log Will Hurt You

We’ve talked before about the importance of logging in your AI and API security posture. But what happens when organizations fail to log their interactions adequately? And what can you do within your own organization to prevent this? Explore all this and more with the latest webinar from FireTail.

Subscribe to receive articles directly in your inbox

If you prefer to be notified of new posts via email, simply subscribe to our blog below.

Latest articles

All
OWASP LLM TOP 10
All
AI Security
All
Product
All
A View from the C-Suite
All
Fintech
All
cloud security
All
AI
All
Awards
All
API economy
All
podcast
All
WAF
All
Events
All
Cybersecurity
All
Cyber landscape
All
Company
All
API security
Unlimited airline miles courtesy of Points.com’s insecure APIs
September 6, 2023

Unlimited airline miles courtesy of Points.com’s insecure APIs

Poorly secured APIs at Points.com resulted in serious vulnerabilities that could have exposed the loyalty programs of some of the world’s best-known airlines and hospitality brands.

Read more
CYFIRMA & FireTail: Working Together for Complete Visibility and Robust API Security
September 1, 2023

CYFIRMA & FireTail: Working Together for Complete Visibility and Robust API Security

FireTail is proud to announce our partnership with CYFIRMA, a leading provider of external threat management solutions.

Read more
Moovit API Vulnerability - letting attackers move free of charge
September 1, 2023

Moovit API Vulnerability - letting attackers move free of charge

During Defcon, a security researcher presented his findings from assessing a global transportation system, leveraging APIs.

Read more
API Days Connect Hong Kong
August 30, 2023

API Days Connect Hong Kong

We were delighted to have the opportunity to present at Apidays Hong Kong this year. The hybrid event was a wonderful way to connect with some of the brightest minds in API security from all across the region and our CEO, Jeremy Snyder, took to the stage to deliver a talk entitled ‘API Security: Analysis of Breaches, Attack Vectors and Strategies.’ Watch the full presentation now…

Read more
moveIT - a series of breaches, all enabled by APIs
August 25, 2023

moveIT - a series of breaches, all enabled by APIs

A file transfer software called moveIT experienced a vulnerability starting in mid-2023 that created a mass breach across many organizations and geographies. The breach is started by injection against an API administrative endpoint, and data is exfiltrated via administrative API calls.

Read more
IDOR Attacks and the Growing Threat to Your API Security
August 22, 2023

IDOR Attacks and the Growing Threat to Your API Security

A recent advisory has highlighted the increasing threat posed by IDOR vulnerabilities. In this article, we explain Insecure Direct Object Reference (IDOR) attacks, explore their rise, and examine how these vulnerabilities impact API security.

Read more