Security Boulevard

API Authentication Methods Explained: API Keys, OAuth, JWT & HMAC Compared

A deep dive comparing API Keys, OAuth 2.0, JWT, and HMAC for CTOs. Learn which api authentication method fits your enterprise SSO and IAM strategy.
InfoWorld

Build an authentication handler for a minimal API in ASP.NET Core

ASP.NET Core offers a simplified hosting model, called minimal APIs, that allows us to build lightweight APIs with minimal dependencies. However, “minimal” doesn’t mean minimal security. Minimal APIs ...
InfoWorld

Critical vulnerability in IBM API Connect could allow authentication bypass

Rated 9.8 out of 10 in severity, the flaw could allow a remote attacker to gain unauthorized access to applications.
CSOonline

What you need to know about the new OWASP API Security Top 10 list

According to a report released by Akamai earlier this year, API calls now represent 83% of all web traffic. Web-enabled applications already have 40% of their attack surface in the form of APIs ...
Linux Journal

WebAuthn Web Authentication with YubiKey 5

A look at the recently released YubiKey 5 hardware authenticator series and how web authentication with the new WebAuthn API leverages devices like the YubiKey for painless website registration and ...