Cequence helps enterprises guard against recent API flaw exploitation
SHARE
Application programming interfaces, or APIs, are great for introducing services to new customers, making it easier to publish content fast and sharing information cross-platform. However, APIs aren’t so great for security.
Consumer-focused companies that have learned this lesson in recent weeks include farm machinery manufacturer John Deere Inc., the Experian Inc. credit bureau, and exercise equipment maker Peloton Inc. For all three firms, plus the popular social media platform Clubhouse, an open API allowed sensitive personal data to be exposed.
“The news has been ripe with this lately,” said Jason Kent (pictured, left), hacker in residence at API security software company Cequence Security Inc. “John Deere got hit, yet another credit bureau got hit. I log onto the platform, I’m authorized to be there, but I can see someone else’s stuff. That’s exactly what happen