help outline CLOUD Next-gen solutions in AI, security and life sciences featured at second AWS Startup Showcase on June 16
SHARE
Any newborn has a better rate of survival when it is nurtured and supported. A baby bird that falls from the nest is probably doomed, but one protected and sustained will grow stronger until it can stretch its wings and fly.
Like animals, tech start-ups are more likely to hit unicorn status if they are part of a supportive ecosystem. But unlike animals, tech startups must seek out their nurturing “home.” One ecosystem attracting today’s cloud native startups is Amazon Web Systems Inc., which holds over 50% of the infrastructure-as-a-service and platform-as-a-service market share. The idea is to encourage those innovations most impactful to its ecosystem, able to bridge gaps through collective efforts.
Cequence helps enterprises guard against recent API flaw exploitation
SHARE
Application programming interfaces, or APIs, are great for introducing services to new customers, making it easier to publish content fast and sharing information cross-platform. However, APIs aren’t so great for security.
Consumer-focused companies that have learned this lesson in recent weeks include farm machinery manufacturer John Deere Inc., the Experian Inc. credit bureau, and exercise equipment maker Peloton Inc. For all three firms, plus the popular social media platform Clubhouse, an open API allowed sensitive personal data to be exposed.
“The news has been ripe with this lately,” said Jason Kent (pictured, left), hacker in residence at API security software company Cequence Security Inc. “John Deere got hit, yet another credit bureau got hit. I log onto the platform, I’m authorized to be there, but I can see someone else’s stuff. That’s exactly what happen
Open API at exercise equipment company Peloton exposed private user data
SHARE
Interactive exercise equipment company Peloton Interactive Inc. has suffered a potential data breach after it was discovered that its application programming interface exposed user data including private accounts.
The revelation came on the same day the company was forced to recall two of its treadmills following the death of a six-year-old child. The API vulnerability was discovered by Jan Masters, a security researcher at Pen Test Partners LLP and first reported today by TechCrunch.
The unsecured API is said to have allowed anyone to gain access to private account data directly from Peloton’s servers. Accessible data included age, gender, city, weight, workout statistics and where available birthday as well.