Traceable

🚨 BREAKING NEWS: Traceable has released an in-depth report revealing API Security trends in the financial sector. 🔍📊 Our study, "The State of API Security in Financial Services," surveyed over 150 cybersecurity professionals in the US and uncovered important insights into the challenges, risks, and practices surrounding API security in this critical industry. Key Highlights: 📈 82% of financial institutions have compliance concerns related to API security 🚨 42% of API-related breaches are caused by fraud, abuse, and misuse 😨 Only 15% of organizations are extremely confident in detecting and preventing API-based fraud and abuse 🔍 64% lack the ability to understand the context between API activity, user activity, data flow, and code execution To access the full report and gain actionable insights for strengthening API security in financial services, download your complimentary copy now: https://lnkd.in/eJ9kbnc3 #apisecurity #cybersecurity #securityresearch #industryresearch

We've reached 15,000 followers! 🎉 At Traceable, we are committed to providing the best in API security, and it’s incredibly rewarding to see our community grow. Each follower represents a shared dedication to protecting the digital ecosystem and advancing API security. We couldn't have achieved this milestone without our amazing team, partners, and of course, you – our followers. Your support and engagement drive us to innovate and continuously improve our offerings. Thank you for being a part of our journey. Here’s to continuing to build a safer, more secure future together! 🚀 traceable.ai

Black Hat 2024 is fast approaching, and Traceable has two must-attend sessions for API security practitioners! Mark your calendars: 🔐 "APIs and Contextual Security: The Devil Is In the Details" with Richard Bird 📅 Thursday, August 8, 10:20 AM - 11:10 AM PST 🛡️ "API Security Masterclass - Hacking and Defending APIs" with Katie Paxton Fear 📅 Wednesday, August 7, 12:05 PM - 1:30 PM For more details and to plan your Black Hat schedule, visit: https://lnkd.in/eqmiTD9e #blackhat2024 #blackhatconference #apisecurity

🚀 We’re Hiring! Regional Vice President - West Are you a visionary sales leader ready to make an impact in the API security space? Traceable is looking for a dynamic Regional Vice President for the West to lead our enterprise sales team to new heights. In this important role, you’ll report directly to our CRO, shape our sales strategy, and drive significant revenue growth. If you thrive in a fast-paced startup environment and have a proven track record in security or complex cloud SaaS sales, we want to hear from you! What You’ll Do: 🔹 Lead and mentor a high-performing sales team. 🔹 Develop and execute a comprehensive sales strategy. 🔹 Build and nurture relationships with C-level executives. 🔹 Drive six-figure deals and exceed sales targets. 🔹 Collaborate across teams to ensure customer success. What We’re Looking For: 🔸 6+ years managing enterprise account execs. 🔸 10+ years in sales within security or cloud SaaS. 🔸 Proven success in closing large deals. 🔸 Exceptional leadership and communication skills. 🔸 Expertise in MEDDPICC sales process. Join us at Traceable and be part of an innovative team that’s revolutionizing API security. Ready to lead the charge? Apply today! https://bit.ly/4bE3dxb Questions? Reach out to our hiring team: [email protected] #hiring #cybersecurityjobs #jobs #careers #recruiting

Richard Bird, Traceable's Chief Security Officer, weighs in on the AT&T breach: "When it comes to security, the majority of the enterprise world is suffering from the most deadly of assumptions. They keep thinking that effort and results are the same thing. It doesn’t matter how much money, how many programs or how many audits a company has or passes. All that matters is results. And large enterprises like AT&T have shown time and again that they are eager to tout their security efforts but the results show that even the most basic of security controls are being missed. AT&T was “securing” an enormous customer database with just an account and password. This is security 101 type stuff. The time to focus on performance and results in security is here. Security for the purposes of checking boxes and being “compliant” has clearly failed."

It's time for the weekend news roundup! Each Sunday, we bring you the latest and most important updates in the API security and cybersecurity world. Here's a look at the top stories that made headlines last week: BleepingComputer reported on a Twilio breach via an unsecured API endpoint, which allowed hackers to verify the phone numbers of millions of Authy multi-factor users, potentially making them vulnerable to SMS phishing and SIM swapping attacks. Get the story here: https://lnkd.in/g5YSRRkU Axios revealed more details about the AT&T data breach, reporting that hackers seized access to several months of AT&T call logs in a breach via Snowflake. Here is their report: https://lnkd.in/eerMeNna Dark Reading shared an article about the CISA takedown of Ivanti Systems. https://lnkd.in/gF5VRiRW In another report from Dark Reading, they reported that an Apple geolocation API exposes WiFi access points worldwide: https://lnkd.in/eZ6DMrsf The The Wall Street Journal reported that Google is near a $23 billion deal to acquire Wiz: https://lnkd.in/ej_4yp3z Have a great week ahead!

Our friends at Geodesic Capital have shared an insightful article on the cybersecurity challenges and opportunities in an AI-first world. Generative AI (GenAI) is revolutionizing enterprise technology, unlocking new capabilities and leveraging proprietary data across organizations. However, this innovation brings cybersecurity risks that need addressing as enterprises move from experimentation to production workloads. Key insights from the article include: 🔒 89% of IT security leaders are concerned about security vulnerabilities with third-party AI tools. ⚠️ 75% believe these integrations pose a greater risk than existing threats. 🛡️ Security concerns around data privacy and loss prevention are top challenges in adopting AI/ML. GenAI-related risks enhance existing attack vectors and enable new vulnerability exploitations. From sophisticated phishing and deep fakes to data poisoning and prompt injection, the landscape is rapidly evolving. Fortunately, many startups are rising to the challenge (like Traceable !), offering innovative solutions across the GenAI cybersecurity stack. Companies like Protect AI, HiddenLayer, Robust Intelligence, Lakera , Arize AI , Patronus AI, Credo AI, and Nightfall AI are developing tools and platforms to address these risks. Read the full article to explore these insights and discover how organizations can navigate the complex GenAI cybersecurity landscape effectively. 👉 https://bit.ly/3VZzXuP

Richard Bird, Chief Security Officer at Traceable, recently shared his expertise on the Risk Management podcast, providing valuable insights into API security and observability. Key topics discussed include: 🔍 The evolving landscape of API fraud in the banking and financial services sector 📊 Findings from Traceable's recent survey on API security 🛡️ Strategies financial institutions must adopt to protect their API ecosystems Some critical questions addressed: ❓ What are the most significant changes in PCI DSS 4.0 compared to previous versions? ❓ How important is determining an organization's merchant level in the compliance process? ❓ How should organizations approach defining the scope of their cardholder data environment (CDE)? ❓ What steps can businesses take to ensure they meet the March 2024 deadline for the first phase of PCI DSS 4.0? ❓ How can smaller businesses manage the potential costs and resource allocations needed for PCI DSS 4.0 compliance? Listen to the full episode to learn more about safeguarding your organization against unauthorized access, reputational damage, and financial loss. https://bit.ly/3zwnVS4

Join Us for the Get Smart | Chicago Workshop! The Traceable team is excited to invite you to our upcoming workshop at the Morningstar offices in the Loop. Join us to "Get Smarter" about API Security! 📅 Date: Tuesday, July 16 ⏰ Time: 12:00 PM - 6:00 PM CDT 📍 Location: Morningstar, 22 W Washington St #7, Chicago, IL 60602, USA 🎟️ Register here: https://lu.ma/nqd9vmxt This session is tailored for technical professionals and managers looking to deepen their expertise in detecting and protecting against API threats. You'll gain hands-on experience with real data, exploring the API security challenges related to visibility, detection, and protection. This is a unique opportunity to learn how Traceable discovers and protects against API security threats and to experience our platform first-hand. We look forward to seeing you there and enhancing your API security knowledge!

We at Traceable are deeply saddened by the passing of Steve King, CISM, CISSP, managing director of CyberEd.io. Steve was a true luminary in the cybersecurity industry, known for his relentless questioning of the status quo, and his ability to challenge traditional practices. In a special edition of the ISMG Editors' Panel, our own CSO, Richard Bird, joined Information Security Media Group (ISMG) editors to honor Steve’s legacy. Steve’s profound impact on the industry was highlighted through reflections on his contributions and the inspiration he provided to all who knew him. As Richard noted, “Steve was always questioning, always unsatisfied with rote answers, and that really struck up a great friendship with us.” Steve’s legacy will continue to inspire and guide the cybersecurity community. His ability to see beyond the surface and foster meaningful discussions made him a cherished mentor and friend to many. The panel, including Anna Delaney, Tom Field, Michael Novinson, and Chris Riotta, shared insights on several critical topics, from the unique security challenges posed by APIs in the financial services sector to the importance of key identity management strategies in protecting against ransomware attacks. We invite you to watch the video of this heartfelt discussion and join us in celebrating Steve’s remarkable contributions to our field. His work and dedication has left an indelible mark on us all.