42Crunch is pleased to announce our corporate membership of the Open Web Application Security Project (OWASP), a worldwide not-for-profit charitable o ...

2025年初，Web应用程序与API安全形势愈发复杂，攻击规模与精密程度显著提升。2024年，Akamai监测到超3110亿次Web应用程序及API攻击，同比增长33%，这与云服务、微服务架构及AI驱动应用的普及密切相关。其中，API成为主要攻击目标，2023年1月至2024年12月间攻击量超1500亿次，每年给企业造成约870亿美元损失，若防护不力，2026年损失可能突破1000亿美元。

根据Akamai平台观测，过去一年中，违反OWASP和MITRE规范的API安全事件显著增长，出海企业应主动对照国际主流框架来治理API漏洞，从源头上减少合规风险。 AI对安全已经造成了实质性影响 在分析DDoS攻击增长的原因时，马俊重点提到了AI技术。

而 OWASP 也根据可利用性、弱点普遍性、弱点可观测性、技术影响、业务影响等维度梳理了十大最关键的 API 安全风险。从 OWASP API Security Top 10 我们也 ...

API security risk has dramatically evolved in the last two years. Jason Kent, Hacker-in-Residence at Cequence Security, discusses the top API security concerns today and how to address them.

Recognized for product, innovation, market, and overall leadershipMAHWAH, N.J., Aug. (GLOBE NEWSWIRE) -- Radware® (NASDAQ: RDWR), a leading provider of cyber security and application delivery ...

Noname’s API Security Platform detects OWASP API Top 10 related vulnerabilities across the widest possible set of sources including log files, replays of historical traffic, configuration files ...

Security misconfiguration is a significant concern, in the OWASP Top 10. During our web application penetration tests, we often discover numerous vulnerabilities of this nature. According to OWASP, ...

'Broken object level authorization' is the number one API vulnerability that attackers can exploit to gain access to an organization's data, according to a report from the independent Open Web ...

违反OWASP和MITRE框架的API安全事件（如OWASP API3/ OWASP API5/ OWASP API2等身份认证漏洞）因过度暴露用户隐私数据导致大规模数据泄露，显著加剧企业合规 ...