Guy Levin

Security-first API Design

What is API Security? API security is the application of security best practices to web APIs, which are prevalent in modern applications. API security includes API access control and privacy, as well as the detection and remediation of attacks on APIs through API reverse engineering and the exploitation »

Top 5 Security Issues in Public APIs and How to solve them

One of the features in RestCase is that it scans your API definitions for both Security and Quality issues and shows insights about them. We managed to scan about 50 public APIs and aggregated the results in order to write about the top 5 security issues and how to solve »

API Development with Design-first Approach

Today, the best practice when implementing APIs on a large scale is to start with an API design stage. This approach is called API design-first, sometimes also known as API-first, schema-first, or design-first. The design-first approach advocates for designing the API’s contract first before writing any code. This is »

Top 5 REST API Design Problems

Here at RestCase we work with many companies and help them develop secure services and APIs. When working with developers on how to design and build quality APIs and microservices, I see many common design problems that are not organization / company-specific. These problems are better to be »

State of API Security

The current age is the age of science and technology. With the advent of modern technology, the problems associated with modern technology have also increased to a great level. Application programming interfaces (APIs) have become all the rage nowadays, with enterprise developers now relying heavily on them to support the »

Top 5 OWASP Security Tips for Designing Secured REST APIs

APIs are channels of communications, through which applications can “talk”. To create a connection between applications, REST APIs use HTTPS. HTTP requests pass through the API channel of communication and carry messages between applications. Threat actors target REST APIs because they’re after the data stored in HTTP requests. Threat »

REST APIs - How To Handle "Man In The Middle" Security Threat

An API, or Application Programming Interface, is how software talks to other software. Every day, the variety of APIs and the volume of API calls are growing. Every web and mobile application out there is powered by APIs. By nature of the APIs, many of them have a direct line »