November Newsletter: HIPAA Compliance, Akto Academy, New Community Platform
This is Akto's November newsletter blog. This month we bring to you exciting updates on our new Academy resource, community, HIPAA compliance, features, and more.
TLDR Important Links
🚑 Akto is now HIPAA Compliant
Akto is HIPAA compliant! This marks a key milestone in our commitment to security and privacy. This achievement is especially significant for our healthcare customers, ensuring the highest standard of protection for sensitive health data. We understand the critical nature of compliance in your operations, and HIPAA compliance positions Akto as a trusted partner in your API Security Journey. With this compliance, you can trust that your health data is in safe hands.
🏛️ [Academy] Learn about API Security with Akto Academy
We’ve released the first course on API security at Akto Academy!
Our goal is to help users learn about APIs and API Security, and understand how to secure APIs through Akto's hands-on labs and informative content curated by our seasoned team of security experts. The first course covers the basics of API security, including modules on what an API is, status codes, HTTP methods, GraphQL, and more. Expect many more exciting courses in this area.
🔥 Akto Community Platform is now Live!
Akto Community is now live on a brand new platform! If you have questions about the product or API Security, post your queries on the platform now. Here’s how you can get started:
🪝Added custom payload in Webhooks
You can now add your own custom payload in Webhooks on Akto. No need to stick to Akto’s default format – create a custom payload that fits your needs. Sending data from Akto is now easier and more flexible.
More Product Updates
Improved Test Editor Info: We have updated the info section in test editor for custom tests.
Fixed concurrent tests: This update supports running multiple CI/CD tests simultaneously.
Optimized testing memory: We have significantly reduced memory utilization in the testing module.
🚀 Akto Live Group Demo
Akto hosts a live, 45-minute session on our latest features and use cases. Expect to see:
An introduction to API security
Getting started with Akto
Key use cases solved by Akto
Any custom demand by audience
📕 Recommended Reading:
23andMe: Brute Force Attack Details and Prevention: Read about the data breach of company 23andMe.
7 Strategies to Implement DevSecOps in Your Organization Successfully: Learn how to stay ahead of threats and foster innovation in a secure environment.
Securing Cloud-Native Applications in DevSecOps: Actionable insights on architecting, building, and running more secure cloud native apps.
Ensuring API security within the DevSecOps framework: This article sheds light on the urgent need for strong API security in the current digital landscape.
LinkedIn Data Breach: Learn how 500 million LinkedIn profiles were offered for sale on a well-known hacker forum.
🤔 What’s Next?
We are building fast, very fast.
Here's a sneak peek at what's coming next month:
Advanced Authorization and Authentication tests
Lots of exciting UI Updates
Advanced API Risk Prioritization
Enhanced support for Swagger and Postman Testing
Improved SSO capabilities
See you next month 🚀
Our newsletter from previous months:
Open Redirect in Outdated FCKeditor: SEO Poisoning in Action
The attackers exploited open redirect requests associated with FCKeditor, a web text editor that used to be popular.
NIST Releases Version 2.0 : 6 Key Features of NIST CyberSecurity Framework 2.0
Explore the key features and effective implementation of the NIST Cybersecurity Framework 2.0. This comprehensive guide provides insights on managing cybersecurity risks in organizations of all sizes and sectors.
Protecting Your APIs: An In-Depth Analysis of the Most Noteworthy CVEs
Uncover vulnerabilities and safeguard your APIs with insights into noteworthy CVEs. - CVE-2023-35078: Authentication Flaw in Ivanti EPMM API - CVE-2023-23752: Improper Access Control in Joomla - CVE-2023-49103: Serious Information Exposure in ownCloud's Graph API