Blog

Blog

JSON Web Tokens 101

By Corsha
on May 22, 2023

If you work with any kind of tech, chances are that you’ve heard of (and used) JSON web tokens. While using JSON web tokens is now almost ubiquitous with machine-to-machine (M2M) communications, it can be easy to take them for granted.

API Secrets,

secrets management

How to Bullet-proof API Security to Keep API Secrets Safe

By Corsha
on May 08, 2023

Organizations are leveraging APIs more than ever. In 2021, 90.5% of developers said they will expand their use of APIs. Organizations also planned to spend around $23.6 million on APIs and other related technologies in 2022.

machine identity,

zero trust

Why Zero Trust Must Include Machine Identity Management

By Corsha
on January 25, 2023

Zero trust is the gold standard for most cybersecurity practices. But achieving that gold standard – and achieving it consistently – is easier said than done. Gartner predicts that 60% of organizations will adopt zero trust architecture by 2025, but more than half will...

Corsha Survey Report: 50% of Security Respondents Have Experienced API-Related Breach – 50% Worry About One

authentication,

certificates,

API Secrets,

keys,

breach,

api gateway,

secrets management

Corsha Survey Report: 50% of Security Respondents Have Experienced API-Related Breach – 50% Worry About One

By Corsha
on January 19, 2023

Many security professionals have a problem with API secrets management practices. In fact, 50% of security professionals have experienced an API-related breach, while the other 50% worry about having one. This statistic is important to acknowledge because it clearly...

What We Learned From 2022’s API Attacks, Leaks, and Breaches

authentication,

certificates,

keys,

breach,

secrets management

What We Learned From 2022’s API Attacks, Leaks, and Breaches

By Corsha
on January 18, 2023

The drive for digital transformation has made APIs every organization’s MVP. They’re the glue that holds machine-to-machine communications together, facilitating the transfer of much-needed information from one machine to the next.

API Security Myth: The Bearer Model Is Enough

authentication,

API Secrets,

bearer model,

api gateway

API Security Myth: The Bearer Model Is Enough

By Corsha
on January 06, 2023

There’s a big problem with the bearer model. Let's explore where, why, and how the bearer model falls short when it comes to defending APIs from modern threats.

API Secrets,

breach

What We Can Learn From Toyota’s API Security Breach

By Corsha
on December 28, 2022

In January 2022, Gartner analysts predicted that API security would become a significant cybersecurity threat. And we’ve seen time and time again that that prediction was correct.

The API Secret Problem: How Companies are Spraying, Sprawling and Leaking Their Way Into Headlines

authentication,

API Secrets,

keys

The API Secret Problem: How Companies are Spraying, Sprawling and Leaking Their Way Into Headlines

By Corsha
on September 15, 2022

Over the course of the last few years there has been a steady increase in the number of data breaches resulting from compromised API keys. Bad actors seem to be able to quite easily get ahold of API keys, certificates and tokens in order to access sensitive data. These...

mTLS,

authentication,

certificates

What is mTLS and How Does It Work

By Corsha
on August 12, 2022

Securing communication over APIs between machines and the applications and services they run has always been a big priority for security and engineering teams. Protocols like SSL and TLS have provided enterprises with a way to encrypt data that is transferred within a...

Blog

The Story of Corsha

By Corsha
on April 04, 2022

We’re thrilled to announce Corsha’s $12M Series A financing, backed by 1011 Ventures, Razor’s Edge Ventures, and 1843 Capital. Corsha is bringing dynamic identity and MFA to APIs.

Signup

Get started today