{"id":19944,"date":"2024-10-22T15:49:20","date_gmt":"2024-10-22T13:49:20","guid":{"rendered":"https:\/\/www.kyos.ch\/?p=19944"},"modified":"2024-10-22T16:18:45","modified_gmt":"2024-10-22T14:18:45","slug":"api-in-danger","status":"publish","type":"post","link":"https:\/\/www.kyos.ch\/en\/in-the-news\/api-in-danger\/","title":{"rendered":"API in Danger: Underestimated Security Holes\u00a0"},"content":{"rendered":"\t\t<div data-elementor-type=\"wp-post\" data-elementor-id=\"19944\" class=\"elementor elementor-19944\" data-elementor-post-type=\"post\">\n\t\t\t\t\t\t<section class=\"elementor-section elementor-top-section elementor-element elementor-element-292b490 elementor-section-full_width elementor-section-stretched elementor-section-height-default elementor-section-height-default\" data-id=\"292b490\" data-element_type=\"section\" data-e-type=\"section\" data-settings=\"{&quot;background_background&quot;:&quot;classic&quot;,&quot;stretch_section&quot;:&quot;section-stretched&quot;}\">\n\t\t\t\t\t\t\t<div class=\"elementor-background-overlay\"><\/div>\n\t\t\t\t\t\t\t<div class=\"elementor-container elementor-column-gap-default\">\n\t\t\t\t\t<div class=\"elementor-column elementor-col-33 elementor-top-column elementor-element elementor-element-32582fd9  kyos-vertical-menu elementor-hidden-phone elementor-hidden-tablet\" data-id=\"32582fd9\" data-element_type=\"column\" data-e-type=\"column\">\n\t\t\t<div class=\"elementor-widget-wrap elementor-element-populated\">\n\t\t\t\t\t\t<div class=\"elementor-element elementor-element-52caf52b kyos-fixed-item elementor-widget elementor-widget-template\" data-id=\"52caf52b\" data-element_type=\"widget\" data-e-type=\"widget\" data-widget_type=\"template.default\">\n\t\t\t\t<div class=\"elementor-widget-container\">\n\t\t\t\t\t\t\t<div class=\"elementor-template\">\n\t\t\t\t\t<div data-elementor-type=\"section\" data-elementor-id=\"8533\" class=\"elementor elementor-8533\" 
data-elementor-post-type=\"elementor_library\">\n\t\t\t\t\t<section class=\"elementor-section elementor-top-section elementor-element elementor-element-a813e45 elementor-section-boxed elementor-section-height-default elementor-section-height-default\" data-id=\"a813e45\" data-element_type=\"section\" data-e-type=\"section\" data-settings=\"{&quot;background_background&quot;:&quot;classic&quot;}\">\n\t\t\t\t\t\t<div class=\"elementor-container elementor-column-gap-default\">\n\t\t\t\t\t<div class=\"elementor-column elementor-col-100 elementor-top-column elementor-element elementor-element-d5af3eb\" data-id=\"d5af3eb\" data-element_type=\"column\" data-e-type=\"column\">\n\t\t\t<div class=\"elementor-widget-wrap elementor-element-populated\">\n\t\t\t\t\t\t<section class=\"elementor-section elementor-inner-section elementor-element elementor-element-26058eb elementor-section-full_width elementor-section-height-default elementor-section-height-default\" data-id=\"26058eb\" data-element_type=\"section\" data-e-type=\"section\">\n\t\t\t\t\t\t<div class=\"elementor-container elementor-column-gap-default\">\n\t\t\t\t\t<div class=\"elementor-column elementor-col-33 elementor-inner-column elementor-element elementor-element-3e54c19\" data-id=\"3e54c19\" data-element_type=\"column\" data-e-type=\"column\">\n\t\t\t<div class=\"elementor-widget-wrap elementor-element-populated\">\n\t\t\t\t\t\t<div class=\"elementor-element elementor-element-8cde3b2 kyos-fixed-item elementor-view-default elementor-widget elementor-widget-icon\" data-id=\"8cde3b2\" data-element_type=\"widget\" data-e-type=\"widget\" data-widget_type=\"icon.default\">\n\t\t\t\t<div class=\"elementor-widget-container\">\n\t\t\t\t\t\t\t<div class=\"elementor-icon-wrapper\">\n\t\t\t<a class=\"elementor-icon\" href=\"https:\/\/www.kyos.ch\/kyos\/\">\n\t\t\t<svg xmlns=\"http:\/\/www.w3.org\/2000\/svg\" width=\"19.432\" height=\"44.834\" viewBox=\"0 0 19.432 44.834\"><path id=\"Trac&#xE9;_4373\" data-name=\"Trac&#xE9; 
4373\" d=\"M7.771,22.432h0L19.432,0H11.687L0,22.432l11.687,22.4h7.745Z\" fill=\"#2d2926\"><\/path><\/svg>\t\t\t<\/a>\n\t\t<\/div>\n\t\t\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t\t<\/div>\n\t\t<\/div>\n\t\t\t\t<div class=\"elementor-column elementor-col-33 elementor-inner-column elementor-element elementor-element-48b921f\" data-id=\"48b921f\" data-element_type=\"column\" data-e-type=\"column\">\n\t\t\t<div class=\"elementor-widget-wrap elementor-element-populated\">\n\t\t\t\t\t\t<div class=\"elementor-element elementor-element-390f19f kyos-fixed-item-black elementor-widget elementor-widget-text-editor\" data-id=\"390f19f\" data-element_type=\"widget\" data-e-type=\"widget\" data-widget_type=\"text-editor.default\">\n\t\t\t\t<div class=\"elementor-widget-container\">\n\t\t\t\t\t\t\t\t\t<a href=\"https:\/\/www.kyos.ch\/kyos\/\" style=\"color:#2d2926\">\u00c0 propos<\/a>\t\t\t\t\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t\t<\/div>\n\t\t<\/div>\n\t\t\t\t<div class=\"elementor-column elementor-col-33 elementor-inner-column elementor-element elementor-element-6e00f63\" data-id=\"6e00f63\" data-element_type=\"column\" data-e-type=\"column\">\n\t\t\t<div class=\"elementor-widget-wrap\">\n\t\t\t\t\t\t\t<\/div>\n\t\t<\/div>\n\t\t\t\t\t<\/div>\n\t\t<\/section>\n\t\t\t\t<div class=\"elementor-element elementor-element-d2a01b0 kyos-sidemenu-left-white uael-nav-menu__align-left uael-submenu-icon-arrow uael-link-redirect-child uael-nav-menu__breakpoint-tablet uael-nav-menu-toggle-label-no elementor-widget elementor-widget-uael-nav-menu\" data-id=\"d2a01b0\" data-element_type=\"widget\" data-e-type=\"widget\" data-settings=\"{&quot;sticky&quot;:&quot;top&quot;,&quot;_animation&quot;:&quot;none&quot;,&quot;sticky_on&quot;:[&quot;desktop&quot;,&quot;tablet&quot;,&quot;mobile&quot;],&quot;sticky_offset&quot;:0,&quot;sticky_effects_offset&quot;:0,&quot;sticky_anchor_link_offset&quot;:0}\" data-widget_type=\"uael-nav-menu.default\">\n\t\t\t\t<div 
class=\"elementor-widget-container\">\n\t\t\t\t\t\t\t<div class=\"uael-nav-menu uael-layout-vertical uael-nav-menu-layout\" data-layout=\"vertical\">\n\t\t\t\t<div role=\"button\" class=\"uael-nav-menu__toggle elementor-clickable\">\n\t\t\t\t\t<span class=\"screen-reader-text\">Main Menu<\/span>\n\t\t\t\t\t<div class=\"uael-nav-menu-icon\">\n\t\t\t\t\t\t<i aria-hidden=\"true\" class=\"fas fa-align-justify\"><\/i>\t\t\t\t\t<\/div>\n\t\t\t\t\t\t\t\t\t<\/div>\n\t\t\t\t\t\t\t<nav class=\"uael-nav-menu__layout-vertical uael-nav-menu__submenu-arrow\" data-toggle-icon=\"&lt;i aria-hidden=&quot;true&quot; class=&quot;fas fa-align-justify&quot;&gt;&lt;\/i&gt;\" data-close-icon=\"&lt;i aria-hidden=&quot;true&quot; class=&quot;far fa-window-close&quot;&gt;&lt;\/i&gt;\" data-full-width=\"yes\"><ul id=\"menu-1-d2a01b0\" class=\"uael-nav-menu\"><li id=\"menu-item-1599\" class=\"menu-item menu-item-type-post_type menu-item-object-page parent uael-creative-menu\"><a href=\"https:\/\/www.kyos.ch\/en\/kyos\/approach\/\" class = \"uael-menu-item\">Approach<\/a><\/li>\n<li id=\"menu-item-1588\" class=\"menu-item menu-item-type-post_type menu-item-object-page parent uael-creative-menu\"><a href=\"https:\/\/www.kyos.ch\/en\/kyos\/our-team\/\" class = \"uael-menu-item\">Our Team<\/a><\/li>\n<li id=\"menu-item-1589\" class=\"menu-item menu-item-type-post_type menu-item-object-page parent uael-creative-menu\"><a href=\"https:\/\/www.kyos.ch\/en\/kyos\/ethics\/\" class = \"uael-menu-item\">Ethics<\/a><\/li>\n<li id=\"menu-item-1602\" class=\"menu-item menu-item-type-post_type menu-item-object-page parent uael-creative-menu\"><a href=\"https:\/\/www.kyos.ch\/en\/kyos\/partners\/\" class = \"uael-menu-item\">Partners<\/a><\/li>\n<li id=\"menu-item-1603\" class=\"menu-item menu-item-type-post_type menu-item-object-page parent uael-creative-menu\"><a href=\"https:\/\/www.kyos.ch\/en\/kyos\/references\/\" class = \"uael-menu-item\">References<\/a><\/li>\n<li id=\"menu-item-1604\" 
class=\"menu-item menu-item-type-post_type menu-item-object-page parent uael-creative-menu\"><a href=\"https:\/\/www.kyos.ch\/en\/kyos\/news\/\" class = \"uael-menu-item\">News<\/a><\/li>\n<li id=\"menu-item-12447\" class=\"menu-item menu-item-type-post_type menu-item-object-page parent uael-creative-menu\"><a href=\"https:\/\/www.kyos.ch\/en\/kyos\/join-us\/\" class = \"uael-menu-item\">Join us<\/a><\/li>\n<\/ul><\/nav>\n\t\t\t\t\t<\/div>\n\t\t\t\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t\t<\/div>\n\t\t<\/div>\n\t\t\t\t\t<\/div>\n\t\t<\/section>\n\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t\t<\/div>\n\t\t<\/div>\n\t\t\t\t<div class=\"elementor-column elementor-col-33 elementor-top-column elementor-element elementor-element-79c17d90\" data-id=\"79c17d90\" data-element_type=\"column\" data-e-type=\"column\">\n\t\t\t<div class=\"elementor-widget-wrap elementor-element-populated\">\n\t\t\t\t\t\t<div class=\"elementor-element elementor-element-ecfb1a5 elementor-widget elementor-widget-heading\" data-id=\"ecfb1a5\" data-element_type=\"widget\" data-e-type=\"widget\" data-widget_type=\"heading.default\">\n\t\t\t\t<div class=\"elementor-widget-container\">\n\t\t\t\t\t<h1 class=\"elementor-heading-title elementor-size-default\">API in Danger: Underestimated Security Holes\u00a0<\/h1>\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t<div class=\"elementor-element elementor-element-7d2d620d elementor-align-left elementor-widget elementor-widget-post-info\" data-id=\"7d2d620d\" data-element_type=\"widget\" data-e-type=\"widget\" data-widget_type=\"post-info.default\">\n\t\t\t\t<div class=\"elementor-widget-container\">\n\t\t\t\t\t\t\t<ul class=\"elementor-inline-items elementor-icon-list-items elementor-post-info\">\n\t\t\t\t\t\t\t\t<li class=\"elementor-icon-list-item elementor-repeater-item-5934c6a elementor-inline-item\" itemprop=\"datePublished\">\n\t\t\t\t\t\t<a href=\"https:\/\/www.kyos.ch\/en\/2024\/10\/22\/\">\n\t\t\t\t\t\t\t\t\t\t\t<span 
class=\"elementor-icon-list-icon\">\n\t\t\t\t\t\t\t\t<i aria-hidden=\"true\" class=\"fas fa-calendar\"><\/i>\t\t\t\t\t\t\t<\/span>\n\t\t\t\t\t\t\t\t\t<span class=\"elementor-icon-list-text elementor-post-info__item elementor-post-info__item--type-date\">\n\t\t\t\t\t\t\t\t\t\t<time>October 22, 2024<\/time>\t\t\t\t\t<\/span>\n\t\t\t\t\t\t\t\t\t<\/a>\n\t\t\t\t<\/li>\n\t\t\t\t<li class=\"elementor-icon-list-item elementor-repeater-item-6d7e03c elementor-inline-item\">\n\t\t\t\t\t\t\t\t\t\t<span class=\"elementor-icon-list-icon\">\n\t\t\t\t\t\t\t\t<i aria-hidden=\"true\" class=\"far fa-clock\"><\/i>\t\t\t\t\t\t\t<\/span>\n\t\t\t\t\t\t\t\t\t<span class=\"elementor-icon-list-text elementor-post-info__item elementor-post-info__item--type-time\">\n\t\t\t\t\t\t\t\t\t\t<time>3:49 pm<\/time>\t\t\t\t\t<\/span>\n\t\t\t\t\t\t\t\t<\/li>\n\t\t\t\t<li class=\"elementor-icon-list-item elementor-repeater-item-d6c49fb elementor-inline-item\">\n\t\t\t\t\t\t\t\t\t\t<span class=\"elementor-icon-list-icon\">\n\t\t\t\t\t\t\t\t<i aria-hidden=\"true\" class=\"far fa-user-circle\"><\/i>\t\t\t\t\t\t\t<\/span>\n\t\t\t\t\t\t\t\t\t<span class=\"elementor-icon-list-text elementor-post-info__item elementor-post-info__item--type-custom\">\n\t\t\t\t\t\t\t\t\t\tSecurity Team\t\t\t\t\t<\/span>\n\t\t\t\t\t\t\t\t<\/li>\n\t\t\t\t<\/ul>\n\t\t\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t<div class=\"elementor-element elementor-element-5de69116 elementor-widget elementor-widget-text-editor\" data-id=\"5de69116\" data-element_type=\"widget\" data-e-type=\"widget\" data-widget_type=\"text-editor.default\">\n\t\t\t\t<div class=\"elementor-widget-container\">\n\t\t\t\t\t\t\t\t\t<p><span data-contrast=\"auto\">In recent years, API security has become a crucial issue for companies, with several significant leaks revealing the vulnerabilities of API integrations. 
For example, in June 2024, Authy (Twilio) suffered an attack resulting in the exfiltration of personal data of 33.4 million users <a href=\"https:\/\/x.com\/DarkWebInformer\/status\/1806436700870287682\" target=\"_blank\" rel=\"noopener\">[1]<\/a>. This was caused by poor API authorization management, exposing phone numbers. Another major breach hit Ivanti, where attackers exploited an API authentication bypass flaw that allowed unauthorized access to endpoints and indirectly compromised 12 Norwegian ministries <a href=\"https:\/\/www.scworld.com\/news\/ivanti-bug-exploited-in-attack-on-norwegian-government\" target=\"_blank\" rel=\"noopener\">[2]<\/a>.<\/span><span data-ccp-props=\"{}\">\u00a0<\/span><\/p><p><span data-contrast=\"auto\">These incidents are just the tip of the iceberg. They illustrate a growing trend: API attacks have increased sharply in recent years. Yet many companies do not know how many APIs they use. APIs are now ubiquitous, even on showcase websites that rely on third-party extensions, which makes every interface a potential entry point for cybercriminals.<\/span><span data-ccp-props=\"{}\">\u00a0<\/span><\/p>\t\t\t\t\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t<div class=\"elementor-element elementor-element-702fef49 elementor-widget elementor-widget-theme-post-featured-image elementor-widget-image\" data-id=\"702fef49\" data-element_type=\"widget\" data-e-type=\"widget\" data-widget_type=\"theme-post-featured-image.default\">\n\t\t\t\t<div class=\"elementor-widget-container\">\n\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t<img fetchpriority=\"high\" decoding=\"async\" width=\"640\" height=\"427\" src=\"https:\/\/www.kyos.ch\/wp-content\/uploads\/2024\/10\/KYOS_news_API_Pentest_web.jpg\" class=\"attachment-full size-full wp-image-19932\" alt=\"\" srcset=\"https:\/\/www.kyos.ch\/wp-content\/uploads\/2024\/10\/KYOS_news_API_Pentest_web.jpg 640w, https:\/\/www.kyos.ch\/wp-content\/uploads\/2024\/10\/KYOS_news_API_Pentest_web-300x200.jpg 300w\" sizes=\"(max-width: 640px) 
100vw, 640px\" \/>\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t<div class=\"elementor-element elementor-element-bdd00e9 elementor-widget elementor-widget-heading\" data-id=\"bdd00e9\" data-element_type=\"widget\" data-e-type=\"widget\" data-widget_type=\"heading.default\">\n\t\t\t\t<div class=\"elementor-widget-container\">\n\t\t\t\t\t<h2 class=\"elementor-heading-title elementor-size-default\">What is an API? <\/h2>\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t<div class=\"elementor-element elementor-element-93b4552 elementor-widget elementor-widget-text-editor\" data-id=\"93b4552\" data-element_type=\"widget\" data-e-type=\"widget\" data-widget_type=\"text-editor.default\">\n\t\t\t\t<div class=\"elementor-widget-container\">\n\t\t\t\t\t\t\t\t\t<p><span data-contrast=\"auto\">An API (Application Programming Interface) is a set of rules and protocols that allow different applications to communicate with each other. The most commonly used API styles are REST, SOAP, and GraphQL. <\/span><span data-contrast=\"auto\">Here are their main differences:<\/span><span data-ccp-props=\"{}\">\u00a0<\/span><\/p><ul><li data-leveltext=\"\uf0b7\" data-font=\"Symbol\" data-listid=\"1\" data-list-defn-props=\"{&quot;335552541&quot;:1,&quot;335559685&quot;:720,&quot;335559991&quot;:360,&quot;469769226&quot;:&quot;Symbol&quot;,&quot;469769242&quot;:[8226],&quot;469777803&quot;:&quot;left&quot;,&quot;469777804&quot;:&quot;\uf0b7&quot;,&quot;469777815&quot;:&quot;multilevel&quot;}\" aria-setsize=\"-1\" data-aria-posinset=\"1\" data-aria-level=\"1\"><b><span data-contrast=\"auto\">REST (Representational State Transfer):<\/span><\/b><span data-contrast=\"auto\"> An architectural style using the HTTP protocol to interact with resources via URLs. It returns data in various formats (JSON, XML, etc.), with JSON being the most widely used because it is lightweight. 
REST is stateless, meaning each request must contain all the information needed for its processing.<\/span><span data-ccp-props=\"{}\">\u00a0<\/span><\/li><\/ul><ul><li data-leveltext=\"\uf0b7\" data-font=\"Symbol\" data-listid=\"1\" data-list-defn-props=\"{&quot;335552541&quot;:1,&quot;335559685&quot;:720,&quot;335559991&quot;:360,&quot;469769226&quot;:&quot;Symbol&quot;,&quot;469769242&quot;:[8226],&quot;469777803&quot;:&quot;left&quot;,&quot;469777804&quot;:&quot;\uf0b7&quot;,&quot;469777815&quot;:&quot;multilevel&quot;}\" aria-setsize=\"-1\" data-aria-posinset=\"2\" data-aria-level=\"1\"><b><span data-contrast=\"auto\">SOAP (Simple Object Access Protocol):<\/span><\/b><span data-contrast=\"auto\"> A standard protocol for exchanging XML messages. It is more complex than REST but offers robust security standards (WS-Security). SOAP can operate in a stateless or stateful manner, allowing session management.<\/span><span data-ccp-props=\"{}\">\u00a0<\/span><\/li><\/ul><ul><li data-leveltext=\"\uf0b7\" data-font=\"Symbol\" data-listid=\"1\" data-list-defn-props=\"{&quot;335552541&quot;:1,&quot;335559685&quot;:720,&quot;335559991&quot;:360,&quot;469769226&quot;:&quot;Symbol&quot;,&quot;469769242&quot;:[8226],&quot;469777803&quot;:&quot;left&quot;,&quot;469777804&quot;:&quot;\uf0b7&quot;,&quot;469777815&quot;:&quot;multilevel&quot;}\" aria-setsize=\"-1\" data-aria-posinset=\"3\" data-aria-level=\"1\"><b><span data-contrast=\"auto\">GraphQL (Graph Query Language):<\/span><\/b><span data-contrast=\"auto\"> Designed by Facebook, GraphQL allows clients to request exactly the data they need. Unlike REST, which relies on distinct resources, GraphQL uses a single endpoint to return the information specified by the client in JSON format.<\/span><span data-ccp-props=\"{}\">\u00a0<\/span><\/li><\/ul><p><span data-contrast=\"auto\">The choice of API type depends on the specific needs of the application. 
REST is often preferred for modern web applications, SOAP for environments requiring high security standards, and GraphQL for complex applications with precise data needs.<\/span><span data-ccp-props=\"{}\">\u00a0<\/span><\/p>\t\t\t\t\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t<div class=\"elementor-element elementor-element-ed23bcd elementor-widget elementor-widget-heading\" data-id=\"ed23bcd\" data-element_type=\"widget\" data-e-type=\"widget\" data-widget_type=\"heading.default\">\n\t\t\t\t<div class=\"elementor-widget-container\">\n\t\t\t\t\t<h2 class=\"elementor-heading-title elementor-size-default\">Securing APIs: A Top Priority <\/h2>\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t<div class=\"elementor-element elementor-element-6c0a8da elementor-widget elementor-widget-text-editor\" data-id=\"6c0a8da\" data-element_type=\"widget\" data-e-type=\"widget\" data-widget_type=\"text-editor.default\">\n\t\t\t\t<div class=\"elementor-widget-container\">\n\t\t\t\t\t\t\t\t\t<p><span data-contrast=\"auto\">A single flaw can be very costly and permanently tarnish a company&#8217;s image, with significant financial and reputational consequences. One solution for organizations is to regularly conduct security audits and penetration tests on their APIs. These actions help detect and correct vulnerabilities before they are exploited by cybercriminals.<\/span><span data-ccp-props=\"{}\">\u00a0<\/span><\/p><p><span data-contrast=\"auto\">Recent examples of breaches clearly show why API security must be a priority for any company. Even showcase sites integrating third-party extensions can expose flaws.<\/span><span data-ccp-props=\"{}\">\u00a0<\/span><\/p><p><span data-contrast=\"auto\">API-targeted attacks are becoming increasingly sophisticated and frequent. Protecting these interfaces is therefore essential to ensure the security of your data and the continuity of your operations. 
Don&#8217;t let a flaw jeopardize your business.<\/span><span data-ccp-props=\"{}\">\u00a0<\/span><\/p>\t\t\t\t\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t<div class=\"elementor-element elementor-element-0532638 elementor-widget elementor-widget-heading\" data-id=\"0532638\" data-element_type=\"widget\" data-e-type=\"widget\" data-widget_type=\"heading.default\">\n\t\t\t\t<div class=\"elementor-widget-container\">\n\t\t\t\t\t<h2 class=\"elementor-heading-title elementor-size-default\">Protect your web applications today! <\/h2>\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t<div class=\"elementor-element elementor-element-d636106 elementor-widget elementor-widget-text-editor\" data-id=\"d636106\" data-element_type=\"widget\" data-e-type=\"widget\" data-widget_type=\"text-editor.default\">\n\t\t\t\t<div class=\"elementor-widget-container\">\n\t\t\t\t\t\t\t\t\t<p><span data-contrast=\"auto\">An undetected security flaw can compromise the security of your web applications and damage the trust of your customers. 
At KYOS, we offer comprehensive penetration testing of your interfaces, including REST APIs and web applications, to identify and correct critical vulnerabilities.<\/span><span data-ccp-props=\"{}\">\u00a0<\/span><\/p><p><span data-contrast=\"auto\">Our Pentest Web Essential offer includes:<\/span><span data-ccp-props=\"{}\">\u00a0<\/span><\/p><ul><li data-leveltext=\"\uf0b7\" data-font=\"Symbol\" data-listid=\"1\" data-list-defn-props=\"{&quot;335552541&quot;:1,&quot;335559685&quot;:720,&quot;335559991&quot;:360,&quot;469769226&quot;:&quot;Symbol&quot;,&quot;469769242&quot;:[8226],&quot;469777803&quot;:&quot;left&quot;,&quot;469777804&quot;:&quot;\uf0b7&quot;,&quot;469777815&quot;:&quot;multilevel&quot;}\" aria-setsize=\"-1\" data-aria-posinset=\"4\" data-aria-level=\"1\"><span data-contrast=\"auto\">A kick-off meeting<\/span><span data-ccp-props=\"{}\">\u00a0<\/span><\/li><\/ul><ul><li data-leveltext=\"\uf0b7\" data-font=\"Symbol\" data-listid=\"1\" data-list-defn-props=\"{&quot;335552541&quot;:1,&quot;335559685&quot;:720,&quot;335559991&quot;:360,&quot;469769226&quot;:&quot;Symbol&quot;,&quot;469769242&quot;:[8226],&quot;469777803&quot;:&quot;left&quot;,&quot;469777804&quot;:&quot;\uf0b7&quot;,&quot;469777815&quot;:&quot;multilevel&quot;}\" aria-setsize=\"-1\" data-aria-posinset=\"5\" data-aria-level=\"1\"><span data-contrast=\"auto\">Definition of prerequisites<\/span><span data-ccp-props=\"{}\">\u00a0<\/span><\/li><\/ul><ul><li data-leveltext=\"\uf0b7\" data-font=\"Symbol\" data-listid=\"1\" data-list-defn-props=\"{&quot;335552541&quot;:1,&quot;335559685&quot;:720,&quot;335559991&quot;:360,&quot;469769226&quot;:&quot;Symbol&quot;,&quot;469769242&quot;:[8226],&quot;469777803&quot;:&quot;left&quot;,&quot;469777804&quot;:&quot;\uf0b7&quot;,&quot;469777815&quot;:&quot;multilevel&quot;}\" aria-setsize=\"-1\" data-aria-posinset=\"6\" data-aria-level=\"1\"><span data-contrast=\"auto\">Analysis of 20 endpoints (web pages or API functions)<\/span><span 
data-ccp-props=\"{}\">\u00a0<\/span><\/li><\/ul><ul><li data-leveltext=\"\uf0b7\" data-font=\"Symbol\" data-listid=\"1\" data-list-defn-props=\"{&quot;335552541&quot;:1,&quot;335559685&quot;:720,&quot;335559991&quot;:360,&quot;469769226&quot;:&quot;Symbol&quot;,&quot;469769242&quot;:[8226],&quot;469777803&quot;:&quot;left&quot;,&quot;469777804&quot;:&quot;\uf0b7&quot;,&quot;469777815&quot;:&quot;multilevel&quot;}\" aria-setsize=\"-1\" data-aria-posinset=\"7\" data-aria-level=\"1\"><span data-contrast=\"auto\">Full report with findings and recommendations<\/span><span data-ccp-props=\"{}\">\u00a0<\/span><\/li><\/ul><p><span data-contrast=\"auto\">Additional options are available, such as analysis of a further 20 endpoints or a review session of the results.<\/span><span data-ccp-props=\"{}\">\u00a0<\/span><\/p><p><a href=\"#kyos-footer-bloc\" target=\"_blank\" rel=\"noopener\"><b><span data-contrast=\"auto\">Contact us today<\/span><\/b><\/a><span data-contrast=\"auto\"> to secure your applications and guarantee your customers&#8217; trust!<\/span><span data-ccp-props=\"{}\">\u00a0<\/span><\/p>\t\t\t\t\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t<div class=\"elementor-element elementor-element-58ba0d0 elementor-share-buttons--view-icon elementor-share-buttons--shape-circle elementor-share-buttons--color-custom elementor-share-buttons--skin-gradient elementor-grid-0 elementor-widget elementor-widget-share-buttons\" data-id=\"58ba0d0\" data-element_type=\"widget\" data-e-type=\"widget\" data-widget_type=\"share-buttons.default\">\n\t\t\t\t<div class=\"elementor-widget-container\">\n\t\t\t\t\t\t\t<div class=\"elementor-grid\" role=\"list\">\n\t\t\t\t\t\t\t\t<div class=\"elementor-grid-item\" role=\"listitem\">\n\t\t\t\t\t\t<div class=\"elementor-share-btn elementor-share-btn_facebook\" role=\"button\" tabindex=\"0\" aria-label=\"Share on facebook\">\n\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t<span 
class=\"elementor-share-btn__icon\">\n\t\t\t\t\t\t\t\t<i class=\"fab fa-facebook\" aria-hidden=\"true\"><\/i>\t\t\t\t\t\t\t<\/span>\n\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t<\/div>\n\t\t\t\t\t<\/div>\n\t\t\t\t\t\t\t\t\t<div class=\"elementor-grid-item\" role=\"listitem\">\n\t\t\t\t\t\t<div class=\"elementor-share-btn elementor-share-btn_twitter\" role=\"button\" tabindex=\"0\" aria-label=\"Share on twitter\">\n\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t<span class=\"elementor-share-btn__icon\">\n\t\t\t\t\t\t\t\t<i class=\"fab fa-twitter\" aria-hidden=\"true\"><\/i>\t\t\t\t\t\t\t<\/span>\n\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t<\/div>\n\t\t\t\t\t<\/div>\n\t\t\t\t\t\t\t\t\t<div class=\"elementor-grid-item\" role=\"listitem\">\n\t\t\t\t\t\t<div class=\"elementor-share-btn elementor-share-btn_linkedin\" role=\"button\" tabindex=\"0\" aria-label=\"Share on linkedin\">\n\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t<span class=\"elementor-share-btn__icon\">\n\t\t\t\t\t\t\t\t<i class=\"fab fa-linkedin\" aria-hidden=\"true\"><\/i>\t\t\t\t\t\t\t<\/span>\n\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t<\/div>\n\t\t\t\t\t<\/div>\n\t\t\t\t\t\t<\/div>\n\t\t\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t\t<\/div>\n\t\t<\/div>\n\t\t\t\t<div class=\"elementor-column elementor-col-33 elementor-top-column elementor-element elementor-element-2ea61615 elementor-hidden-tablet elementor-hidden-phone\" data-id=\"2ea61615\" data-element_type=\"column\" data-e-type=\"column\">\n\t\t\t<div class=\"elementor-widget-wrap elementor-element-populated\">\n\t\t\t\t\t\t<div class=\"elementor-element elementor-element-56b93158 kyos-fixed-item elementor-widget elementor-widget-template\" data-id=\"56b93158\" data-element_type=\"widget\" data-e-type=\"widget\" data-widget_type=\"template.default\">\n\t\t\t\t<div class=\"elementor-widget-container\">\n\t\t\t\t\t\t\t<div class=\"elementor-template\">\n\t\t\t\t\t<div data-elementor-type=\"section\" data-elementor-id=\"8782\" class=\"elementor elementor-8782\" 
data-elementor-post-type=\"elementor_library\">\n\t\t\t\t\t<section class=\"elementor-section elementor-top-section elementor-element elementor-element-e7758e7 elementor-section-boxed elementor-section-height-default elementor-section-height-default\" data-id=\"e7758e7\" data-element_type=\"section\" data-e-type=\"section\" data-settings=\"{&quot;background_background&quot;:&quot;classic&quot;}\">\n\t\t\t\t\t\t<div class=\"elementor-container elementor-column-gap-default\">\n\t\t\t\t\t<div class=\"elementor-column elementor-col-100 elementor-top-column elementor-element elementor-element-2b28947\" data-id=\"2b28947\" data-element_type=\"column\" data-e-type=\"column\">\n\t\t\t<div class=\"elementor-widget-wrap elementor-element-populated\">\n\t\t\t\t\t\t<div class=\"elementor-element elementor-element-69ae174 elementor-widget elementor-widget-text-editor\" data-id=\"69ae174\" data-element_type=\"widget\" data-e-type=\"widget\" data-widget_type=\"text-editor.default\">\n\t\t\t\t<div class=\"elementor-widget-container\">\n\t\t\t\t\t\t\t\t\t<p>More information on this subject?<\/p><p>We are at your disposal!<\/p>\t\t\t\t\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t<div class=\"elementor-element elementor-element-991947b elementor-widget elementor-widget-button\" data-id=\"991947b\" data-element_type=\"widget\" data-e-type=\"widget\" data-widget_type=\"button.default\">\n\t\t\t\t<div class=\"elementor-widget-container\">\n\t\t\t\t\t\t\t\t\t<div class=\"elementor-button-wrapper\">\n\t\t\t\t\t<a class=\"elementor-button elementor-button-link elementor-size-sm\" href=\"#kyos-footer-bloc\">\n\t\t\t\t\t\t<span class=\"elementor-button-content-wrapper\">\n\t\t\t\t\t\t\t\t\t<span class=\"elementor-button-text\">Contact 
us<\/span>\n\t\t\t\t\t<\/span>\n\t\t\t\t\t<\/a>\n\t\t\t\t<\/div>\n\t\t\t\t\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t\t<\/div>\n\t\t<\/div>\n\t\t\t\t\t<\/div>\n\t\t<\/section>\n\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t\t<\/div>\n\t\t<\/div>\n\t\t\t\t\t<\/div>\n\t\t<\/section>\n\t\t\t\t<\/div>\n\t\t","protected":false},"excerpt":{"rendered":"<p>In recent years, API security has become a crucial issue for companies, with several significant leaks revealing the vulnerabilities of API integrations. For example, in June 2024, Authy (Twilio) suffered an attack resulting in the exfiltration of personal data of 33.4 million users [1]. This was caused by poor API authorization management, exposing phone numbers. [&hellip;]<\/p>\n","protected":false},"author":3,"featured_media":19932,"comment_status":"closed","ping_status":"open","sticky":false,"template":"elementor_header_footer","format":"standard","meta":{"_acf_changed":false,"site-sidebar-layout":"default","site-content-layout":"","ast-site-content-layout":"default","site-content-style":"default","site-sidebar-style":"default","ast-global-header-display":"","ast-banner-title-visibility":"","ast-main-header-display":"","ast-hfb-above-header-display":"","ast-hfb-below-header-display":"","ast-hfb-mobile-header-display":"","site-post-title":"","ast-breadcrumbs-content":"","ast-featured-img":"","footer-sml-layout":"","ast-disable-related-posts":"","theme-transparent-header-meta":"","adv-header-id-meta":"","stick-header-meta":"","header-above-stick-meta":"","header-main-stick-meta":"","header-below-stick-meta":"","astra-migrate-meta-layouts":"set","ast-page-background-enabled":"default","ast-page-background-meta":{"desktop":{"background-color":"","background-image":"","background-repeat":"repeat","background-position":"center 
center","background-size":"auto","background-attachment":"scroll","background-type":"","background-media":"","overlay-type":"","overlay-color":"","overlay-opacity":"","overlay-gradient":""},"tablet":{"background-color":"","background-image":"","background-repeat":"repeat","background-position":"center center","background-size":"auto","background-attachment":"scroll","background-type":"","background-media":"","overlay-type":"","overlay-color":"","overlay-opacity":"","overlay-gradient":""},"mobile":{"background-color":"","background-image":"","background-repeat":"repeat","background-position":"center center","background-size":"auto","background-attachment":"scroll","background-type":"","background-media":"","overlay-type":"","overlay-color":"","overlay-opacity":"","overlay-gradient":""}},"ast-content-background-meta":{"desktop":{"background-color":"var(--ast-global-color-5)","background-image":"","background-repeat":"repeat","background-position":"center center","background-size":"auto","background-attachment":"scroll","background-type":"","background-media":"","overlay-type":"","overlay-color":"","overlay-opacity":"","overlay-gradient":""},"tablet":{"background-color":"var(--ast-global-color-5)","background-image":"","background-repeat":"repeat","background-position":"center center","background-size":"auto","background-attachment":"scroll","background-type":"","background-media":"","overlay-type":"","overlay-color":"","overlay-opacity":"","overlay-gradient":""},"mobile":{"background-color":"var(--ast-global-color-5)","background-image":"","background-repeat":"repeat","background-position":"center 
center","background-size":"auto","background-attachment":"scroll","background-type":"","background-media":"","overlay-type":"","overlay-color":"","overlay-opacity":"","overlay-gradient":""}},"footnotes":""},"categories":[67,7,66],"tags":[],"class_list":["post-19944","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-sec_check-en","category-in-the-news","category-sec-en"],"acf":[],"yoast_head":"<!-- This site is optimized with the Yoast SEO plugin v27.2 - https:\/\/yoast.com\/product\/yoast-seo-wordpress\/ -->\n<title>KYOS - API in Danger: Underestimated Security Holes\u00a0<\/title>\n<meta name=\"description\" content=\"API security has become a crucial issue, with several major leaks revealing vulnerabilities in API integrations.\" \/>\n<meta name=\"robots\" content=\"index, follow, max-snippet:-1, max-image-preview:large, max-video-preview:-1\" \/>\n<link rel=\"canonical\" href=\"https:\/\/www.kyos.ch\/en\/in-the-news\/api-in-danger\/\" \/>\n<meta property=\"og:locale\" content=\"en_US\" \/>\n<meta property=\"og:type\" content=\"article\" \/>\n<meta property=\"og:title\" content=\"KYOS - API in Danger: Underestimated Security Holes\u00a0\" \/>\n<meta property=\"og:description\" content=\"API security has become a crucial issue, with several major leaks revealing vulnerabilities in API integrations.\" \/>\n<meta property=\"og:url\" content=\"https:\/\/www.kyos.ch\/en\/in-the-news\/api-in-danger\/\" \/>\n<meta property=\"og:site_name\" content=\"KYOS\" \/>\n<meta property=\"article:published_time\" content=\"2024-10-22T13:49:20+00:00\" \/>\n<meta property=\"article:modified_time\" content=\"2024-10-22T14:18:45+00:00\" \/>\n<meta property=\"og:image\" content=\"https:\/\/www.kyos.ch\/wp-content\/uploads\/2024\/10\/KYOS_news_API_Pentest_web.jpg\" \/>\n\t<meta property=\"og:image:width\" content=\"640\" \/>\n\t<meta property=\"og:image:height\" content=\"427\" \/>\n\t<meta property=\"og:image:type\" content=\"image\/jpeg\" 
\/>\n<meta name=\"author\" content=\"Etienne Maghakian\" \/>\n<meta name=\"twitter:card\" content=\"summary_large_image\" \/>\n<meta name=\"twitter:label1\" content=\"Written by\" \/>\n\t<meta name=\"twitter:data1\" content=\"Etienne Maghakian\" \/>\n\t<meta name=\"twitter:label2\" content=\"Est. reading time\" \/>\n\t<meta name=\"twitter:data2\" content=\"4 minutes\" \/>\n<script type=\"application\/ld+json\" class=\"yoast-schema-graph\">{\"@context\":\"https:\/\/schema.org\",\"@graph\":[{\"@type\":\"Article\",\"@id\":\"https:\/\/www.kyos.ch\/en\/in-the-news\/api-in-danger\/#article\",\"isPartOf\":{\"@id\":\"https:\/\/www.kyos.ch\/en\/in-the-news\/api-in-danger\/\"},\"author\":{\"name\":\"Etienne Maghakian\",\"@id\":\"https:\/\/www.kyos.ch\/#\/schema\/person\/10c03a166f24b0dfb247a0c084600db4\"},\"headline\":\"API in Danger: Underestimated Security Holes\u00a0\",\"datePublished\":\"2024-10-22T13:49:20+00:00\",\"dateModified\":\"2024-10-22T14:18:45+00:00\",\"mainEntityOfPage\":{\"@id\":\"https:\/\/www.kyos.ch\/en\/in-the-news\/api-in-danger\/\"},\"wordCount\":555,\"publisher\":{\"@id\":\"https:\/\/www.kyos.ch\/#organization\"},\"image\":{\"@id\":\"https:\/\/www.kyos.ch\/en\/in-the-news\/api-in-danger\/#primaryimage\"},\"thumbnailUrl\":\"https:\/\/www.kyos.ch\/wp-content\/uploads\/2024\/10\/KYOS_news_API_Pentest_web.jpg\",\"articleSection\":[\"Audit and intrusion tests\",\"In the news\",\"Security\"],\"inLanguage\":\"en-US\"},{\"@type\":\"WebPage\",\"@id\":\"https:\/\/www.kyos.ch\/en\/in-the-news\/api-in-danger\/\",\"url\":\"https:\/\/www.kyos.ch\/en\/in-the-news\/api-in-danger\/\",\"name\":\"KYOS - API in Danger: Underestimated Security 
Holes\u00a0\",\"isPartOf\":{\"@id\":\"https:\/\/www.kyos.ch\/#website\"},\"primaryImageOfPage\":{\"@id\":\"https:\/\/www.kyos.ch\/en\/in-the-news\/api-in-danger\/#primaryimage\"},\"image\":{\"@id\":\"https:\/\/www.kyos.ch\/en\/in-the-news\/api-in-danger\/#primaryimage\"},\"thumbnailUrl\":\"https:\/\/www.kyos.ch\/wp-content\/uploads\/2024\/10\/KYOS_news_API_Pentest_web.jpg\",\"datePublished\":\"2024-10-22T13:49:20+00:00\",\"dateModified\":\"2024-10-22T14:18:45+00:00\",\"description\":\"API security has become a crucial issue, with several major leaks revealing vulnerabilities in API integrations.\",\"breadcrumb\":{\"@id\":\"https:\/\/www.kyos.ch\/en\/in-the-news\/api-in-danger\/#breadcrumb\"},\"inLanguage\":\"en-US\",\"potentialAction\":[{\"@type\":\"ReadAction\",\"target\":[\"https:\/\/www.kyos.ch\/en\/in-the-news\/api-in-danger\/\"]}]},{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\/\/www.kyos.ch\/en\/in-the-news\/api-in-danger\/#primaryimage\",\"url\":\"https:\/\/www.kyos.ch\/wp-content\/uploads\/2024\/10\/KYOS_news_API_Pentest_web.jpg\",\"contentUrl\":\"https:\/\/www.kyos.ch\/wp-content\/uploads\/2024\/10\/KYOS_news_API_Pentest_web.jpg\",\"width\":640,\"height\":427},{\"@type\":\"BreadcrumbList\",\"@id\":\"https:\/\/www.kyos.ch\/en\/in-the-news\/api-in-danger\/#breadcrumb\",\"itemListElement\":[{\"@type\":\"ListItem\",\"position\":1,\"name\":\"Home\",\"item\":\"https:\/\/www.kyos.ch\/en\/\"},{\"@type\":\"ListItem\",\"position\":2,\"name\":\"API in Danger: Underestimated Security Holes\u00a0\"}]},{\"@type\":\"WebSite\",\"@id\":\"https:\/\/www.kyos.ch\/#website\",\"url\":\"https:\/\/www.kyos.ch\/\",\"name\":\"KYOS\",\"description\":\"Better safe than 
sorry\",\"publisher\":{\"@id\":\"https:\/\/www.kyos.ch\/#organization\"},\"potentialAction\":[{\"@type\":\"SearchAction\",\"target\":{\"@type\":\"EntryPoint\",\"urlTemplate\":\"https:\/\/www.kyos.ch\/?s={search_term_string}\"},\"query-input\":{\"@type\":\"PropertyValueSpecification\",\"valueRequired\":true,\"valueName\":\"search_term_string\"}}],\"inLanguage\":\"en-US\"},{\"@type\":\"Organization\",\"@id\":\"https:\/\/www.kyos.ch\/#organization\",\"name\":\"KYOS\",\"url\":\"https:\/\/www.kyos.ch\/\",\"logo\":{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\/\/www.kyos.ch\/#\/schema\/logo\/image\/\",\"url\":\"https:\/\/www.kyos.ch\/wp-content\/uploads\/2021\/04\/Kyos_logo_white_180x60.png\",\"contentUrl\":\"https:\/\/www.kyos.ch\/wp-content\/uploads\/2021\/04\/Kyos_logo_white_180x60.png\",\"width\":180,\"height\":60,\"caption\":\"KYOS\"},\"image\":{\"@id\":\"https:\/\/www.kyos.ch\/#\/schema\/logo\/image\/\"}},{\"@type\":\"Person\",\"@id\":\"https:\/\/www.kyos.ch\/#\/schema\/person\/10c03a166f24b0dfb247a0c084600db4\",\"name\":\"Etienne Maghakian\",\"image\":{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\/\/secure.gravatar.com\/avatar\/ae7f1a0e450b509aaa528bdd6bf7b596556a5219b7ec73e1de10dd84ec9384f5?s=96&d=mm&r=g\",\"url\":\"https:\/\/secure.gravatar.com\/avatar\/ae7f1a0e450b509aaa528bdd6bf7b596556a5219b7ec73e1de10dd84ec9384f5?s=96&d=mm&r=g\",\"contentUrl\":\"https:\/\/secure.gravatar.com\/avatar\/ae7f1a0e450b509aaa528bdd6bf7b596556a5219b7ec73e1de10dd84ec9384f5?s=96&d=mm&r=g\",\"caption\":\"Etienne Maghakian\"}}]}<\/script>\n<!-- \/ Yoast SEO plugin. 
-->","yoast_head_json":{"title":"KYOS - API in Danger: Underestimated Security Holes\u00a0","description":"API security has become a crucial issue, with several major leaks revealing vulnerabilities in API integrations.","robots":{"index":"index","follow":"follow","max-snippet":"max-snippet:-1","max-image-preview":"max-image-preview:large","max-video-preview":"max-video-preview:-1"},"canonical":"https:\/\/www.kyos.ch\/en\/in-the-news\/api-in-danger\/","og_locale":"en_US","og_type":"article","og_title":"KYOS - API in Danger: Underestimated Security Holes\u00a0","og_description":"API security has become a crucial issue, with several major leaks revealing vulnerabilities in API integrations.","og_url":"https:\/\/www.kyos.ch\/en\/in-the-news\/api-in-danger\/","og_site_name":"KYOS","article_published_time":"2024-10-22T13:49:20+00:00","article_modified_time":"2024-10-22T14:18:45+00:00","og_image":[{"width":640,"height":427,"url":"https:\/\/www.kyos.ch\/wp-content\/uploads\/2024\/10\/KYOS_news_API_Pentest_web.jpg","type":"image\/jpeg"}],"author":"Etienne Maghakian","twitter_card":"summary_large_image","twitter_misc":{"Written by":"Etienne Maghakian","Est. 
reading time":"4 minutes"},"schema":{"@context":"https:\/\/schema.org","@graph":[{"@type":"Article","@id":"https:\/\/www.kyos.ch\/en\/in-the-news\/api-in-danger\/#article","isPartOf":{"@id":"https:\/\/www.kyos.ch\/en\/in-the-news\/api-in-danger\/"},"author":{"name":"Etienne Maghakian","@id":"https:\/\/www.kyos.ch\/#\/schema\/person\/10c03a166f24b0dfb247a0c084600db4"},"headline":"API in Danger: Underestimated Security Holes\u00a0","datePublished":"2024-10-22T13:49:20+00:00","dateModified":"2024-10-22T14:18:45+00:00","mainEntityOfPage":{"@id":"https:\/\/www.kyos.ch\/en\/in-the-news\/api-in-danger\/"},"wordCount":555,"publisher":{"@id":"https:\/\/www.kyos.ch\/#organization"},"image":{"@id":"https:\/\/www.kyos.ch\/en\/in-the-news\/api-in-danger\/#primaryimage"},"thumbnailUrl":"https:\/\/www.kyos.ch\/wp-content\/uploads\/2024\/10\/KYOS_news_API_Pentest_web.jpg","articleSection":["Audit and intrusion tests","In the news","Security"],"inLanguage":"en-US"},{"@type":"WebPage","@id":"https:\/\/www.kyos.ch\/en\/in-the-news\/api-in-danger\/","url":"https:\/\/www.kyos.ch\/en\/in-the-news\/api-in-danger\/","name":"KYOS - API in Danger: Underestimated Security Holes\u00a0","isPartOf":{"@id":"https:\/\/www.kyos.ch\/#website"},"primaryImageOfPage":{"@id":"https:\/\/www.kyos.ch\/en\/in-the-news\/api-in-danger\/#primaryimage"},"image":{"@id":"https:\/\/www.kyos.ch\/en\/in-the-news\/api-in-danger\/#primaryimage"},"thumbnailUrl":"https:\/\/www.kyos.ch\/wp-content\/uploads\/2024\/10\/KYOS_news_API_Pentest_web.jpg","datePublished":"2024-10-22T13:49:20+00:00","dateModified":"2024-10-22T14:18:45+00:00","description":"API security has become a crucial issue, with several major leaks revealing vulnerabilities in API 
integrations.","breadcrumb":{"@id":"https:\/\/www.kyos.ch\/en\/in-the-news\/api-in-danger\/#breadcrumb"},"inLanguage":"en-US","potentialAction":[{"@type":"ReadAction","target":["https:\/\/www.kyos.ch\/en\/in-the-news\/api-in-danger\/"]}]},{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/www.kyos.ch\/en\/in-the-news\/api-in-danger\/#primaryimage","url":"https:\/\/www.kyos.ch\/wp-content\/uploads\/2024\/10\/KYOS_news_API_Pentest_web.jpg","contentUrl":"https:\/\/www.kyos.ch\/wp-content\/uploads\/2024\/10\/KYOS_news_API_Pentest_web.jpg","width":640,"height":427},{"@type":"BreadcrumbList","@id":"https:\/\/www.kyos.ch\/en\/in-the-news\/api-in-danger\/#breadcrumb","itemListElement":[{"@type":"ListItem","position":1,"name":"Home","item":"https:\/\/www.kyos.ch\/en\/"},{"@type":"ListItem","position":2,"name":"API in Danger: Underestimated Security Holes\u00a0"}]},{"@type":"WebSite","@id":"https:\/\/www.kyos.ch\/#website","url":"https:\/\/www.kyos.ch\/","name":"KYOS","description":"Better safe than sorry","publisher":{"@id":"https:\/\/www.kyos.ch\/#organization"},"potentialAction":[{"@type":"SearchAction","target":{"@type":"EntryPoint","urlTemplate":"https:\/\/www.kyos.ch\/?s={search_term_string}"},"query-input":{"@type":"PropertyValueSpecification","valueRequired":true,"valueName":"search_term_string"}}],"inLanguage":"en-US"},{"@type":"Organization","@id":"https:\/\/www.kyos.ch\/#organization","name":"KYOS","url":"https:\/\/www.kyos.ch\/","logo":{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/www.kyos.ch\/#\/schema\/logo\/image\/","url":"https:\/\/www.kyos.ch\/wp-content\/uploads\/2021\/04\/Kyos_logo_white_180x60.png","contentUrl":"https:\/\/www.kyos.ch\/wp-content\/uploads\/2021\/04\/Kyos_logo_white_180x60.png","width":180,"height":60,"caption":"KYOS"},"image":{"@id":"https:\/\/www.kyos.ch\/#\/schema\/logo\/image\/"}},{"@type":"Person","@id":"https:\/\/www.kyos.ch\/#\/schema\/person\/10c03a166f24b0dfb247a0c084600db4","name":"Etienne 
Maghakian","image":{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/secure.gravatar.com\/avatar\/ae7f1a0e450b509aaa528bdd6bf7b596556a5219b7ec73e1de10dd84ec9384f5?s=96&d=mm&r=g","url":"https:\/\/secure.gravatar.com\/avatar\/ae7f1a0e450b509aaa528bdd6bf7b596556a5219b7ec73e1de10dd84ec9384f5?s=96&d=mm&r=g","contentUrl":"https:\/\/secure.gravatar.com\/avatar\/ae7f1a0e450b509aaa528bdd6bf7b596556a5219b7ec73e1de10dd84ec9384f5?s=96&d=mm&r=g","caption":"Etienne Maghakian"}}]}},"_links":{"self":[{"href":"https:\/\/www.kyos.ch\/en\/wp-json\/wp\/v2\/posts\/19944","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/www.kyos.ch\/en\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/www.kyos.ch\/en\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/www.kyos.ch\/en\/wp-json\/wp\/v2\/users\/3"}],"replies":[{"embeddable":true,"href":"https:\/\/www.kyos.ch\/en\/wp-json\/wp\/v2\/comments?post=19944"}],"version-history":[{"count":5,"href":"https:\/\/www.kyos.ch\/en\/wp-json\/wp\/v2\/posts\/19944\/revisions"}],"predecessor-version":[{"id":19949,"href":"https:\/\/www.kyos.ch\/en\/wp-json\/wp\/v2\/posts\/19944\/revisions\/19949"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/www.kyos.ch\/en\/wp-json\/wp\/v2\/media\/19932"}],"wp:attachment":[{"href":"https:\/\/www.kyos.ch\/en\/wp-json\/wp\/v2\/media?parent=19944"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/www.kyos.ch\/en\/wp-json\/wp\/v2\/categories?post=19944"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/www.kyos.ch\/en\/wp-json\/wp\/v2\/tags?post=19944"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}