Episode #003: Securing REST API Endpoints (or How to Avoid Another Optus) with James Cooper

February 21, 2024

Unless you have been living in a cave on Mars with your eyes shut and your fingers in your ears for the past few weeks, you have probably heard something about a data breach at Australian telecommunications giant Optus.

As security mistakes go, the vulnerability reported to have enabled the attack leans toward the more embarrassing side of the scale. If reports are true, Optus has effectively exposed customer data on an endpoint available to the entire internet.

While it is plausible that a developer will forget to (re)secure an endpoint once they finish their development work, there are multiple practical steps you can take to catch or mitigate the problem.

February 21, 2024

Australia’s New Gateway Security Guidance: What Leaders & SOC Teams Should Know

On 24 July 2025, the Australian Department of Home Affairs released a major update to its Protective Security Policy Framework (PSPF) as part of the Commonwealth Uplift Reforms, overhauling how government agencies secure their internet gateways. Gateways are the boundary systems that control traffic between an organisation and the outside world. This update replaces the old Gateway Security Policy with a new, mandatory Gateway Security Standard, which sets the minimum security standards that Commonwealth entities must apply to gateway capabilities. In tandem, the Australian Signals Directorate’s Australian Cyber Security Centre (ASD’s ACSC) published updated guidance to align with the new standard and reflect modern security practices. As someone immersed in the challenges of government gateway security at Verizon for over 14 years, I believe the recent advice marks a dramatic shift in approach.

February 21, 2024

Creating CTI Like a Journalist

I'm going to argue that as CTI analysts, we often get lost in the middle of these technical woods and forget about the ultimate purpose of threat intel: our outputs. These are commonly called threat intelligence products: the reports, alerts, or briefings we send to help others make decisions and take action. So how do we stay focused on the real purpose of CTI, producing useful, actionable outputs? Consider the lessons from an occupation we’ve had lifelong exposure to: journalism.