Episode #003: Securing REST API Endpoints (or How to Avoid Another Optus) with James Cooper

James Cooper
James Cooper
Security Developer
Tash Postolovski
Tash Postolovski
Technical Marketing Manager
Episode #003: Securing REST API Endpoints (or How to Avoid Another Optus) with James Cooper
February 21, 2024

Unless you have been living in a cave on Mars with your eyes shut and your fingers in your ears for the past few weeks, you have probably heard something about a data breach at Australian telecommunications giant Optus.

As security mistakes go, the vulnerability reported to have enabled the attack leans toward the more embarrassing side of the scale. If reports are true, Optus has effectively exposed customer data on an endpoint available to the entire internet.

While it is plausible that a developer will forget to (re)secure an endpoint once they finish their development work, there are multiple practical steps you can take to catch or mitigate the problem.

Related posts

Browse all articles
February 21, 2024

Episode #004: How ChatGPT Could Transform the CTI Analyst Role with Chris Horsley

Cosive CTO Chris Horsley conducted early experiments using ChatGPT to help assign ATT&CK IDs to threat intelligence reports. While the tool won’t replace an experienced analyst as of today, it will likely change the way we do this kind of work.

February 21, 2024

Cosive Partners With Feedly for Threat Intelligence

Cosive has partnered with Feedly! In this post, we’ll talk about how Feedly for Threat Intelligence helps cyber threat intel (CTI) teams collect, prioritise, and share threat intelligence into their tools and why we like it so much here at Cosive as CTI specialists.