All posts tagged

Discover critical REST API security risks, vulnerabilities, and mitigation strategies. Complete guide covering OWASP threats and best practices.

Learn what API keys are, why they're essential for security, and best practices for management, rotation, and storage.

Learn how to secure REST APIs using AWS API Gateway. Complete guide covering authentication, authorization, rate limiting, and advanced security features.

Explore the vital role of API tokens in secure data access, understanding types, best practices, and how they work with API gateways.

Master serverless API security with our guide. Learn best practices for AWS API Gateway, Lambda, data protection, and advanced strategies to safeguard your serverless architectures.

Protect your IoT ecosystem with robust API security. This guide covers challenges, API Gateway's role, and best practices for authentication, data encryption, and threat detection in IoT APIs.

Discover essential API security testing tools, methodologies, and best practices to protect your APIs from breaches and threats for 2025.

Discover how CORS works and implement it securely in your APIs with this comprehensive guide.

Learn essential API encryption strategies, including TLS 1.3 implementation and post-quantum cryptography.

Explore comprehensive API security strategies, including TLS 1.3, secure authentication, and gateway protections.

Discover common API vulnerabilities and learn how to secure your APIs with best practices, rate limiting, and API gateway security measures.

Learn how to secure APIs using JSON Web Tokens. Explore implementation steps, best practices, and the role of API gateways in API security.

Learn essential rate limiting and throttling strategies to protect your API from abuse, ensure reliability, and enhance security.

Discover how API7-MCP boosts API security and compliance by detecting risks with AI-driven insights.

API7 Enterprise v3.2.16.4 enhances the alerting feature, supporting Webhook and Email notifications for timely updates.

API7 Enterprise v3.2.16.3 integrates with AWS Secrets Manager for secure, efficient management and protection of sensitive data.

Let's protect your web APIs and applications exposed by Apache APISIX against known and unknown attacks with open-appsec - the automatic, machine learning-based WAF.

API7 Enterprise v3.2.16 seamlessly integrates with secret providers like HashiCorp Vault, enabling effortless management and referencing of external sensitive information.

Explore the issue of API sprawl in enterprises, learn about solutions to reduce development costs, enhance security, and facilitate successful digital transformation.

Learn how to use API7 Enterprise to set alerts and quickly push alert notifications to commonly used IM systems through Webhook notifications.

In this blog post, we'll explore OWASP Top 10 threats and learn how APISIX can protect against them with examples.

Transport Secure Layer, aka TLS, formerly SSL, is among its many pillars of information system security. Let's learn how to configure TLS for the Apache APISIX API Gateway.

In this article, we will discuss how to enable the Role-based access control (RBAC) authorization model.

In this article, we will walk you through the reasons why API Gateway is important in building APIs with DevSecOps approach.

Learn about the upstream connect error, its causes, and how to troubleshoot connection termination issues effectively.

This article introduces Hashicorp Vault, how Apache APISIX integrates Hashicorp Vault, and some future developing trends between them.

This article introduces API, API security, and some ways of protecting API.

This article describes how to secure your API information with the CSRF plugin in API Gateway Apache APISIX.

APISIX has addressed the challenges faced by 360 Cloud Computing in their Basic Operation and Maintenance Platform project.