Secure Proxy for HIPAA-Compliant API Analytics

In HeathTech apps, it’s often the case that you’re dealing with private or health-related data. This requires compliance with regulations, such as HIPAA in the United States. These regulations force you to handle sensitive data in a well-defined manner, so only specific people can read it, and if they do, it should be logged for … Read more

Modern App Security Requires Defense in Depth

Perimeter security has been dying a slow death over the better part of a decade, as breaches of the corporate network have become commonplace. Most organizations now find it obvious that trusting devices and users merely for being “on the corpnet” is insufficient to maintain security in the face of evolving threats. At the same … Read more

Secure Your WSO2 Micro Integrator Deployment

WSO2 Micro Integrator (for short, let’s use MI) is an integration solution that is widely used in enterprise integration. You can use MI to implement mediation policies, message transformation, security, and more. In this article, we are going to focus on how you can securely place MI on your deployment. First Things First WSO2 MI … Read more

Testing Your IaC Using Terratest

Setting Up infrastructure manually can be a time-consuming and hectic process. That is when we can make use of Infrastructure as Code (IaC) tools to automate the infrastructure. IaC automation can be done for any kind of Infrastructure ie, virtual machine, storage, etc. As more and more infrastructure becomes code, it is essential to have … Read more

amazon web services – Calling AWS Lambda via api gateway on localstack doesn’t work as expected

Hi I have downloaded the most basic java lambda example package helloworld; import java.io.BufferedReader; import java.io.IOException; import java.io.InputStreamReader; import java.net.URL; import java.util.HashMap; import java.util.Map; import java.util.stream.Collectors; import com.amazonaws.services.lambda.runtime.Context; import com.amazonaws.services.lambda.runtime.RequestHandler; import com.amazonaws.services.lambda.runtime.events.APIGatewayProxyRequestEvent; import com.amazonaws.services.lambda.runtime.events.APIGatewayProxyResponseEvent; /** * Handler for requests to Lambda function. */ public class App implements RequestHandler<APIGatewayProxyRequestEvent, APIGatewayProxyResponseEvent> { public APIGatewayProxyResponseEvent handleRequest(final APIGatewayProxyRequestEvent input, … Read more

Implement HIPAA Technical Safeguards in Your API

The Health Insurance Portability and Accountability Act, or HIPAA for short, is a set of laws around handling health-related data in information systems. It defines safeguards, which are rules you have to follow when handling health data for your customers. There are three safeguard categories: Administrative safeguards, covering personal and processes in your company Physical … Read more

listview – Displaying specific items in a lisview from the api response Flutter

Good day everyone I want to display items from the api data in a listview on the next page on button submit, may you please help. I have managed to print the api data response in the console using response.data, now I just want to show certain items in a list, not all the data. … Read more

API Security Weekly: Issue 165

This week, we have news of another high severity vulnerability in a WordPress plugin, this time the popular All in One allowing compromise via the core REST API. We also have views from @apihandyman on why to treat all APIs as public ones, a comprehensive beginner’s guide to API security, and finally an optimism view … Read more

How To Check for JID Attacks With Java

A consistent inclusion in the OWASP top 10, insecure deserialization is a subtle but dangerous application security threat. This aptly named attack exploits data serialization, the “bread and butter” data transformation process that takes place when an object is passed from one web application to another. Under normal circumstances, when a new object is sent … Read more