Traceable

🚨 BREAKING NEWS: Traceable has released an in-depth report revealing API Security trends in the financial sector. 🔍📊 Our study, "The State of API Security in Financial Services," surveyed over 150 cybersecurity professionals in the US and uncovered important insights into the challenges, risks, and practices surrounding API security in this critical industry. Key Highlights: 📈 82% of financial institutions have compliance concerns related to API security 🚨 42% of API-related breaches are caused by fraud, abuse, and misuse 😨 Only 15% of organizations are extremely confident in detecting and preventing API-based fraud and abuse 🔍 64% lack the ability to understand the context between API activity, user activity, data flow, and code execution To access the full report and gain actionable insights for strengthening API security in financial services, download your complimentary copy now: https://lnkd.in/eJ9kbnc3 #apisecurity #cybersecurity #securityresearch #industryresearch

It's time for the weekend news roundup! Each Sunday, we bring you the latest and most important updates in the API security and cybersecurity world. Here's a look at the top stories that made headlines last week: BleepingComputer reported on a Twilio breach via an unsecured API endpoint, which allowed hackers to verify the phone numbers of millions of Authy multi-factor users, potentially making them vulnerable to SMS phishing and SIM swapping attacks. Get the story here: https://lnkd.in/g5YSRRkU Axios revealed more details about the AT&T data breach, reporting that hackers seized access to several months of AT&T call logs in a breach via Snowflake. Here is their report: https://lnkd.in/eerMeNna Dark Reading shared an article about the CISA takedown of Ivanti Systems. https://lnkd.in/gF5VRiRW In another report from Dark Reading, they reported that an Apple geolocation API exposes WiFi access points worldwide: https://lnkd.in/eZ6DMrsf The The Wall Street Journal reported that Google is near a $23 billion deal to acquire Wiz: https://lnkd.in/ej_4yp3z Have a great week ahead!

Our friends at Geodesic Capital have shared an insightful article on the cybersecurity challenges and opportunities in an AI-first world. Generative AI (GenAI) is revolutionizing enterprise technology, unlocking new capabilities and leveraging proprietary data across organizations. However, this innovation brings cybersecurity risks that need addressing as enterprises move from experimentation to production workloads. Key insights from the article include: 🔒 89% of IT security leaders are concerned about security vulnerabilities with third-party AI tools. ⚠️ 75% believe these integrations pose a greater risk than existing threats. 🛡️ Security concerns around data privacy and loss prevention are top challenges in adopting AI/ML. GenAI-related risks enhance existing attack vectors and enable new vulnerability exploitations. From sophisticated phishing and deep fakes to data poisoning and prompt injection, the landscape is rapidly evolving. Fortunately, many startups are rising to the challenge (like Traceable !), offering innovative solutions across the GenAI cybersecurity stack. Companies like Protect AI, HiddenLayer, Robust Intelligence, Lakera , Arize AI , Patronus AI, Credo AI, and Nightfall AI are developing tools and platforms to address these risks. Read the full article to explore these insights and discover how organizations can navigate the complex GenAI cybersecurity landscape effectively. 👉 https://bit.ly/3VZzXuP

Richard Bird, Chief Security Officer at Traceable, recently shared his expertise on the Risk Management podcast, providing valuable insights into API security and observability. Key topics discussed include: 🔍 The evolving landscape of API fraud in the banking and financial services sector 📊 Findings from Traceable's recent survey on API security 🛡️ Strategies financial institutions must adopt to protect their API ecosystems Some critical questions addressed: ❓ What are the most significant changes in PCI DSS 4.0 compared to previous versions? ❓ How important is determining an organization's merchant level in the compliance process? ❓ How should organizations approach defining the scope of their cardholder data environment (CDE)? ❓ What steps can businesses take to ensure they meet the March 2024 deadline for the first phase of PCI DSS 4.0? ❓ How can smaller businesses manage the potential costs and resource allocations needed for PCI DSS 4.0 compliance? Listen to the full episode to learn more about safeguarding your organization against unauthorized access, reputational damage, and financial loss. https://bit.ly/3zwnVS4

Join Us for the Get Smart | Chicago Workshop! The Traceable team is excited to invite you to our upcoming workshop at the Morningstar offices in the Loop. Join us to "Get Smarter" about API Security! 📅 Date: Tuesday, July 16 ⏰ Time: 12:00 PM - 6:00 PM CDT 📍 Location: Morningstar, 22 W Washington St #7, Chicago, IL 60602, USA 🎟️ Register here: https://lu.ma/nqd9vmxt This session is tailored for technical professionals and managers looking to deepen their expertise in detecting and protecting against API threats. You'll gain hands-on experience with real data, exploring the API security challenges related to visibility, detection, and protection. This is a unique opportunity to learn how Traceable discovers and protects against API security threats and to experience our platform first-hand. We look forward to seeing you there and enhancing your API security knowledge!

We at Traceable are deeply saddened by the passing of Steve King, CISM, CISSP, managing director of CyberEd.io. Steve was a true luminary in the cybersecurity industry, known for his relentless questioning of the status quo, and his ability to challenge traditional practices. In a special edition of the ISMG Editors' Panel, our own CSO, Richard Bird, joined Information Security Media Group (ISMG) editors to honor Steve’s legacy. Steve’s profound impact on the industry was highlighted through reflections on his contributions and the inspiration he provided to all who knew him. As Richard noted, “Steve was always questioning, always unsatisfied with rote answers, and that really struck up a great friendship with us.” Steve’s legacy will continue to inspire and guide the cybersecurity community. His ability to see beyond the surface and foster meaningful discussions made him a cherished mentor and friend to many. The panel, including Anna Delaney, Tom Field, Michael Novinson, and Chris Riotta, shared insights on several critical topics, from the unique security challenges posed by APIs in the financial services sector to the importance of key identity management strategies in protecting against ransomware attacks. We invite you to watch the video of this heartfelt discussion and join us in celebrating Steve’s remarkable contributions to our field. His work and dedication has left an indelible mark on us all.

As we celebrate Independence Day, we want to take a moment to reflect on the values that make this day special: freedom, innovation, and the pursuit of a better future. These values are at the core of what we do at Traceable, and they inspire us every day to push the boundaries of what's possible in cybersecurity. We hope you have a wonderful and safe holiday filled with joy, gratitude, and celebration. Whether you're enjoying a fireworks display, a BBQ with family and friends, or simply taking some time to relax, we wish you all the best. Here's to the spirit of independence and the bright future ahead. Happy 4th of July! 🇺🇸

We're thrilled to share that Traceable will be attending Black Hat 2024! 😎 As we prepare for this premier cybersecurity event, we’re gearing up to bring you something truly exciting. 🙊 While we can't reveal everything just yet, stay tuned for a special announcement coming soon. Trust us, you won’t want to miss it! Make sure to follow our updates here and get ready for something BIG! 🚀

On July 1st, we had the pleasure of welcoming our new batch of interns and fresh graduates to our Bangalore office! 🌟 This dynamic group is eager to dive into the world of cybersecurity, and we couldn't be more thrilled to have them on board. We recruited talented individuals from some of the top institutions in India, including IIIT Hyderabad, IIIT Bangalore, NIT Calicut, MIT Manipal, IIITDM Jabalpur, and IIIT Allahabad. To kick off their journey, we've organized a comprehensive Bootcamp designed to give them an in-depth understanding of our company, products, and team. A big thank you to everyone involved in making this onboarding experience exceptional. We are excited to see the fresh perspectives and innovative ideas our new team members will bring to Traceable. Welcome to the team, and here's to a bright future ahead! 🚀

We recently released our second annual RSA Conference survey results and the findings are 🤯 ! To better understand the state of API security at the RSA Conference 2024, Traceable conducted a survey on the show floor. The team spoke with over 125 security professionals about their recent experience, struggles, and how they are dealing with a new era of threats – specifically API security risks in their organization. 📌 Half of organizations (50%) do not have a dedicated team member or team for API security, up by 10% from last year. 📌 API security ownership has increasingly become the responsibility of the CISO (44%), up by 6% from the previous year. 📌 While down by 10% from the previous year, the majority of respondents (56%) still reported they either struggle with API sprawl or do not know if their company is managing API sprawl effectively. 📌 Last year, very few respondents confirmed falling victim to an API attack in the last 12 months. Meanwhile, in 2024, 14% said yes, their company has – while a quarter weren’t sure. 📰 Read the news here: https://lnkd.in/ej3R4Jvr