Top Stories

This blog is about learning mass assignment vulnerability, how to find it manually, how to test for it using Akto and finally how to prevent it.

This blog will help developers to understand XSS, its types, how to discover and prevent it. XSS stands for Cross-Site Scripting, a type of vulnerability

In this blog, we will compare the changes of OWASP API Security Top 10 2019 and OWASP API Security Top 10 2023 release candidate.

XXE is a vulnerability in XML processing that attackers exploit to access sensitive data. Learn all about XML External Entity attack and how to prevent it.

Say goodbye to tedious and time-consuming pen-testing workflows with Akto's Burp extens...

Someone asked me this question recently and while I was giving him the answer, I thought..

Server-Side Request Forgery (SSRF) is a type of web application vulnerability that allow..

Amazon EC2 instances are great for many kinds of workloads. Amazon provides the option to

30 million devs today use APIs everyday to build beautiful software applications...

The JWT None algorithm attack is a type of vulnerability that arises when a JWT is signed

Unit 42 researchers have discovered a vulnerability in the widely-used JsonWebToken open..

T-Mobile, one of the biggest names in the telecommunications industry, has suffered

In this blog, we will explore the issue of API2:2019 Broken User Authentication and how...

Did you know that researchers recently uncovered some serious vulnerabilities in a...

Working in the field of information security for more than ten years now, I have faced...

It’s year end and we have some awesome 2022 API security insights for you! HackerOne...

A UUID (Universal Unique Identifier) is a standardized 128-bit format for identifying....

An interesting test case where a weak user identifier can be used to perform a BOLA attack

Bank account data of hundreds of taxpayers were disclosed due to IDOR vulnerability

Broken Object level Authorization is the most severe API security vulnerability...

Super excited to announce that we have raised $4.5M seed funding!

Akto is on a mission to make API security journeys for security engineers and developers..

Optus is the second-largest telecommunications provider in Australia.