Issue 231: API authentication bypass in Ivanti Sentry, Docker images expose API and keys | allinfosecnews.com

Oct. 18, 2023, 5:04 p.m. | Mark Dolan

API Security News apisecurity.io

This week, we have news of an API authentication bypass vulnerability in the Ivanti Sentry cybersecurity product and a report into Docker images that are exposing APIs and private keys. We also have articles on API security’s role in protecting retail apps, how APIs and generative AI interoperate, and how attackers bypass Web Application Firewalls. [...]

The post Issue 231: API authentication bypass in Ivanti Sentry, Docker images expose API and keys appeared first on API Security News …

api api authentication apis api security apps articles authentication authentication bypass bypass bypass vulnerability cybersecurity docker expose exposing generative images issue ivanti ivanti sentry keys newsletter archive private private keys product protecting report retail role security sentry vulnerability week

More from apisecurity.io / API Security News

Issue 247: Dropbox and Dell breaches, vulnerability in Next.js, API growth causing concerns 1 week, 2 days ago | apisecurity.io

api breach breaches dell +16

Issue 246: Critical flaw in API portal, securing GraphQL, building bulletproof APIs 3 weeks, 2 days ago | apisecurity.io

api apis api security application +20

Issue 245: Delinea patches API vulnerability, API vulnerability in Palo Alto devices 1 month ago | apisecurity.io

alto api api design api vulnerability +25

Issue 244: Threats to enterprises in the cloud, looming threats to APIs, API SDK generation … 1 month, 3 weeks ago | apisecurity.io

api apis articles challenges +13

Issue 243: Economics of API attacks, understanding CORS, blocking compromised API tokens 2 months ago | apisecurity.io

api api attacks apis articles +20

Issue 242: API governance to avoid tech sprawl, API security in digital transformation, AI for … 2 months, 2 weeks ago | apisecurity.io

age api api governance apis +16

Issue 241: Two critical flaws in FortiSIEM product, making public APIs private, API security strategy 3 months ago | apisecurity.io

api apis api security api security strategy +22

Issue 240: Spoutible API leakage, 15M Trello profiles scraped, API secret tokens leaked 3 months, 2 weeks ago | apisecurity.io

api api security atlassian big +19

Issue 239: Hugging Face API token breach, SonicWall firewalls exploit, Kubernetes API gateway guide 4 months ago | apisecurity.io

api api gateway api security api security checklist +20

CyberSOC Technical Lead

@ Integrity360 | Sandyford, Dublin, Ireland

View on infosec-jobs.com

Cyber Security Strategy Consultant

@ Capco | New York City

View on infosec-jobs.com

Cyber Security Senior Consultant

@ Capco | Chicago, IL

View on infosec-jobs.com

Senior Security Researcher - Linux MacOS EDR (Cortex)

@ Palo Alto Networks | Tel Aviv-Yafo, Israel

View on infosec-jobs.com

Sr. Manager, NetSec GTM Programs

@ Palo Alto Networks | Santa Clara, CA, United States

View on infosec-jobs.com

SOC Analyst I

@ Fortress Security Risk Management | Cleveland, OH, United States

View on infosec-jobs.com