API Security Blog

Our expert view on all things API

Blog February 10th, 2023

An API State of Mind

Blog

An API State of Mind

The API Economy Application Programming Interfaces (API) are functions and resources that allow applications […]

> Read the blog post

Blog February 10th, 2023

Coinbase’s API Security Nightmare

Blog

Coinbase’s API Security Nightmare

Introduction Coinbase is the world’s largest cryptocurrency exchange. In Feb 2022, a bug in […]

> Read the blog post

Blog February 10th, 2023

OWASP API Security Top 10

Blog

OWASP API Security Top 10

Introduction APIs expose application functionality as well as sensitive data such as Personally Identifiable […]

> Read the blog post

Blog February 10th, 2023

Securing your APIs – The Development Stage

Blog

Securing your APIs – The Development Stage

Introduction This is the first of a three-part blog about the importance of the […]

> Read the blog post

Blog February 10th, 2023

Securing your APIs – The Production Stage

Blog

Securing your APIs – The Production Stage

Introduction This is the last of a three-part blog about the importance of the […]

> Read the blog post

Blog February 10th, 2023

Securing your APIs – The Testing Stage

Blog

Securing your APIs – The Testing Stage

Introduction This is the second of a three-part blog about the importance of the […]

> Read the blog post

Blog January 20th, 2023

Who Is Responsible for API Security?

Blog

Who Is Responsible for API Security?

Introduction Application Programming Interface (API) are software interfaces that allow apps to communicate. For […]

> Read the blog post

Blog January 12th, 2023

Why API Security Must Be a Top Concern

Blog

Why API Security Must Be a Top Concern

Massive API Growth APIs serve as the building blocks of modern application architectures and […]

> Read the blog post

Blog January 12th, 2023

Zero Trust Policies

Blog

Zero Trust Policies

Overview “Zero Trust” is a framework for securing infrastructure and data. It is the […]

> Read the blog post

Cookie	Duration	Description
__hssc	30 minutes	HubSpot sets this cookie to keep track of sessions. This is used to determine if HubSpot should increment the session number and timestamps in the __hstc cookie. It contains the domain, viewCount (which increments with each pageview in a session), and session start timestamp.
__hssrc	session	HubSpot cookie sets this cookie to determine if the visitor has restarted their browser. If this cookie does not exist when HubSpot manages cookies, it is considered a new session.
_GRECAPTCHA	5 months 27 days	This cookie is set by the Google recaptcha service to identify bots to protect the website against malicious spam attacks.
cookielawinfo-checkbox-advertisement	1 year	Set by the GDPR Cookie Consent plugin, this cookie is used to record the user consent for the cookies in the "Advertisement" category .
cookielawinfo-checkbox-analytics	11 months	This cookie is set by GDPR Cookie Consent plugin. The cookie is used to store the user consent for the cookies in the category "Analytics".
cookielawinfo-checkbox-functional	11 months	The cookie is set by GDPR cookie consent to record the user consent for the cookies in the category "Functional".
cookielawinfo-checkbox-necessary	11 months	This cookie is set by GDPR Cookie Consent plugin. The cookies is used to store the user consent for the cookies in the category "Necessary".
cookielawinfo-checkbox-others	11 months	This cookie is set by GDPR Cookie Consent plugin. The cookie is used to store the user consent for the cookies in the category "Other.
cookielawinfo-checkbox-performance	11 months	This cookie is set by GDPR Cookie Consent plugin. The cookie is used to store the user consent for the cookies in the category "Performance".
CookieLawInfoConsent	1 year	CookieYes sets this cookie to store the user consent.
viewed_cookie_policy	11 months	The cookie is set by the GDPR Cookie Consent plugin and is used to store whether or not user has consented to the use of cookies. It does not store any personal data.

Cookie	Duration	Description
__cf_bm	30 minutes	This cookie, set by Cloudflare, is used to support Cloudflare Bot Management.
_hjAbsoluteSessionInProgress	30 minutes	Hotjar sets this cookie to track the beginning of the user's journey for a total session count. It does not contain any identifiable information.
_hjIncludedInPageviewSample	2 minutes	Hotjar sets this cookie to know whether that visitor is included in the data sampling defined by your site's pageview limit.

Cookie	Duration	Description
__hstc	5 months 27 days	This is the main cookie set by Hubspot, for tracking visitors. It contains the domain, initial timestamp (first visit), last timestamp (last visit), current timestamp (this visit), and session number (increments for each subsequent session).
_ga	1 year 1 month 4 days	The _ga cookie, installed by Google Analytics, calculates visitor, session and campaign data and also keeps track of site usage for the site's analytics report. The cookie stores information anonymously and assigns a randomly generated number to recognize unique visitors.
_ga_*	1 year 1 month 4 days	Google Analytics sets this cookie to store and count page views.
_hjFirstSeen	30 minutes	Hotjar sets this cookie to identify a new user’s first session. It stores a true/false value, indicating whether it was the first time Hotjar saw this user.
_hjRecordingEnabled	never	Hotjar sets this cookie when a Recording starts and is read when the recording module is initialized, to see if the user is already in a recording in a particular session.
_hjRecordingLastActivity	never	Hotjar sets this cookie when a user recording starts and when data is sent through the WebSocket.
hubspotutk	5 months 27 days	HubSpot sets this cookie to keep track of the visitors to the website. This cookie is passed to HubSpot on form submission and used when deduplicating contacts.

Cookie	Duration	Description
_hjIncludedInSessionSample_3388746	2 minutes	No description
_hjSession_3388746	30 minutes	No description
_hjSessionUser_3388746	1 year	No description
incap_ses_1177_2167377	session	No description
referrerd7_003	1 month	No description
visid_incap_2167377	1 year	No description

Coinbase’s API Security Nightmare

Coinbase’s API Security Nightmare

OWASP API Security Top 10

OWASP API Security Top 10

Securing your APIs – The Development Stage

Securing your APIs – The Development Stage

Securing your APIs – The Production Stage

Securing your APIs – The Production Stage

Securing your APIs – The Testing Stage

Securing your APIs – The Testing Stage

Who Is Responsible for API Security?

Who Is Responsible for API Security?

Why API Security Must Be a Top Concern

Why API Security Must Be a Top Concern

Zero Trust Policies

Zero Trust Policies

Just dropped…!