Contact Us

Web API Security: A story of authentication, God’s Eye View, and corporate espionage

By Michael Barrett on Apr 18, 2017 3:56:00 PM

Hi, Michael Barrett here, CEO and co-founder of Stealth Security.

As a security guy, I tend to think of the world through a relatively simple lens, and use mental models that have worked for our industry before. I have long suspected that we have been ignoring — or at least oversimplifying — the problem of web API security. And then, last week, there was a case-study making announcement about the discovery of the so-called Hell application, that was allegedly used by Uber to identify Lyft driver locations as well as which drivers used both services. I am not going to comment on the allegations themselves except to note that many CISOs run into situations occasionally that make them ask (usually just to themselves) “what were they thinking?”…

Continue Reading