We Hack Purple Blog

API10:2019 Insufficient Logging & Monitoring

In the previous post we covered API9:2019 Improper Assets Management, which was...

API9:2019 Improper Assets Management

In the previous post we covered API8:2019 Injection, which was the 8th...

API8:2019 Injection

In the previous post we covered API7:2019 Security Misconfiguration, which was the...

API7:2019 Security Misconfiguration

In the previous post we covered API6:2019 Mass Assignment, which was the...

API6:2019 Mass Assignment

In the previous post we covered API5:2019 Broken Function Level Authorization, which...

API5:2019 Broken Function Level Authorization

In the previous post we covered API4:2019 Lack of Resources & Rate...

API4:2019 Lack of Resources & Rate Limiting

In the previous post we covered API3:2019 Excessive Data Exposure, which was...

API3:2019 Excessive Data Exposure

In the previous post we covered API2:2019 Broken User Authentication, which was...

API2:2019 Broken User Authentication

In the previous post we covered API1:2019 Broken Object Level Authorization, which...

The OWASP API Security Top Ten: API1:2019 Broken Object Level Authorization

The following blog series will be on the OWASP API Security Top...

Conclusion: Security Champions

In the previous article we talked about Metrics, and in this article,...

DevSecOps War Stories

DevSecOps is a marketing buzzword word now, but it wasn't always. Just...