Tech Zone 360

The Difference Between Authentication and Authorization for API Security

Application Programming Interfaces (APIs) are the backbone of many services and applications, enabling different software to interact with each other seamlessly. However, with this increased ...
InfoWorld

How to secure ASP.Net Web APIs using authorization filters

Security is a major concern in web-based enterprise applications. When you need to transmit data over the wire, you should be aware of the various tools you can use to secure that data. ASP.Net Web ...
InfoWorld

Build an authentication handler for a minimal API in ASP.NET Core

ASP.NET Core offers a simplified hosting model, called minimal APIs, that allows us to build lightweight APIs with minimal dependencies. However, “minimal” doesn’t mean minimal security. Minimal APIs ...
Threat Post

Predicting the Next OWASP API Security Top 10

API security risk has dramatically evolved in the last two years. Jason Kent, Hacker-in-Residence at Cequence Security, discusses the top API security concerns today and how to address them. As a long ...
CSOonline

Enhancing API security: dynamic authorization to protect sensitive data

API Gateways effectively manage the authentication of the user and provide service orchestration capabilities, but if sensitive data is involved, additional fine-grained authorization capabilities are ...
CSOonline

Why you need both authorization and authentication

In previous posts I have discussed in depth the importance of authorization, specifically dynamic authorization, to control access to critical information assets. However, authorization is only a ...
Linux Journal

Mongoose: an Embeddable Web Server in C

Web services are all the rage in development circles, but full-featured application servers like JBoss are terrible overkill for small system solutions. In many situations, simple RESTful interfaces ...