Recently, Dell faced a significant data breach, where a threat actor exploited API vulnerabilities to steal 49 million customer records. This incident not only underscores the growing threat of API abuse but also highlights the necessity for robust security measures to protect sensitive data.In this blog post, we will delve into the details of the Dell data breach, identify the specific API vulnerabilities exploited, and discuss how tools like Impart can address these types of security flaws.

I have found at least one common theme while working with different WAF solutions over the past 17 years. The first expectation of any WAF is not to block attacks. It is to not break the application. If a WAF impedes application functionality and negatively impacts the revenue the application is generating then the WAF’s primary functions don’t mean anything.

‍Darwin, Phillip, James, and Brian separate hype from reality for LLMs in application security today, how things are evolving on the front lines, and the future off the appsec role from the expert perspectives of Industry Analyst, Security Practitioner, SDLC founder, and Runtime founder.