Innovation | Startups | Funding | Tech Blog in Africa

Pitfalls Software Developers Should Avoid When Programming Using API

by David Okelezo
2020/01/17 - Updated on 2020/12/27
in General

Cybercrime is now more pronounced than ever before, and evidence of these nefarious activities can be seen in the rise of election rigging, the high rate of cyberattacks on businesses, and the hard-earned money of bank customers being wiped out of their accounts.

Just a few weeks into the year 2020, more than 1.76 billion records have been leaked, including records containing user information and plain-text passwords for about 772 million people.

This is one of the biggest data breaches to have happened within so short a time.

A MongoDB instance containing 854GB of data was also hacked, exposing CVs containing sensitive information of about 202 million Chinese users. This same year, sensitive Oklahoma government data was also leaked, exposing 7 years of FBI investigations.


The bad news is that cyber-attacks will get worse and more frequent, especially this year, which is why it is essential to be prepared for the incoming onslaught.

Late last year, the Open Web Application Security Project (OWASP) released the much-awaited first edition of its top 10 list of API security pitfalls that software developers and code auditors should be aware of in order to minimize breaches.

The API has been one of the communication protocols most abused by hackers, and one that is somewhat easy to access.

This abuse is a major problem that shows no sign of stopping anytime soon. In fact, it has been projected that it will escalate this year.

OWASP's API Security Top 10 list was published earlier this month, and it was a revelation, as it contains some loopholes that have been overlooked.

Check out the list below:

  • Broken Object Level Authorization
  • Broken User Authentication
  • Excessive Data Exposure
  • Lack of Resources & Rate Limiting
  • Broken Function Level Authorization
  • Mass Assignment
  • Security Misconfiguration
  • Injection
  • Improper Assets Management
  • Insufficient Logging and Monitoring

“Some of these raised issues that look pretty simple but are extremely critical, like good housekeeping and documenting APIs.

Moreover, there are also complex issues of access control that might require some attention from the design phase”, stressed Erez Yalon, Director of Security Research at Checkmarx and Co-lead on the OWASP API Security Project.

“Having a clear understanding of API will minimize the vulnerabilities that arise from this worrisome issue, and this will help teams to mitigate against API security risks and put systems into place moving forward”, Erez concluded.


Featured Image: Codersera


© 2013-2021 techbuild.africa. All Rights Reserved.
