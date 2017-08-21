Longtime API Security Champion Praises OWASP Community for Listing "Underprotected APIs" in RC1; Sponsors Premier AppSec USA 2017 Conference

BOSTON, Aug. 21, 2017 /PRNewswire/ --Forum Systems Inc., a pioneer in API security technology, today celebrated the Open Web Application Security Project (OWASP) community for including 'Underprotected APIs' in the OWASP Top 10 - 2017 RC1 list of most critical web application security risks.

OWASP's recognition of API security as A10 in its flagship project underscores APIs' unquestioned ubiquity and business value. Moreover, its inclusion amplifies the criticality of ensuring that APIs are robustly protected from an explosively expanding landscape of security threats and vulnerabilities that target them.

"For more than 16 years, we have been espousing the importance of API security. But, high-profile hacks of the Nissan Leaf, Polish Financial Supervision Authority and social networking app Wishbone exemplify how companies in the API economy continue to provide services on APIs that are all too susceptible to compromise and malicious access," said Mamoon Yunus, CEO of Forum Systems. "We take tremendous pride in OWASP validating our mission, and commend the community for its exemplary work in highlighting APIs as a primary threat vector with significant and wide-ranging impacts for application and data security."

Yunus continued: "However, this is only the first step in elevating API security into the mainstream consciousness of IT professionals. With their foundational role in fueling cloud, mobility and IoT, APIs - and their attack surface areas - will only continue to expand. Given those dynamics, we believe that 'Underprotected APIs' should and will be ratified in the OWASP Top 10 2017 Edition. We ask that our industry peers join us in playing an immediate, instrumental role in bringing that to fruition."

Currently, OWASP is soliciting further input from the greater community to help finalize the Top 10. Forum Systems encourages development and security professionals to contribute to the discussion by participating in several key OWASP initiatives, including:

Completing the following survey: OWASP Top 10 2017 Edition Survey for New Vulnerability Categories

Adding items, comments and data to GitHub:OWASP Top 10

Submitting vulnerability data: OWASP Top 10 2017 Data

OWASP is a worldwide free and open community focused on improving the security of application software. Notably, the 2017 release of the OWASP Top 10 will mark the community's fourteenth year of raising awareness of the importance of application security risks.

Next month, Forum Systems will sponsor the OWASP-hostedAppSec USA 2017in Orlando, Florida. Taking placeSeptember 19-22, the annual event is the premier application security conference for developers and security experts, and represents one of the largestsources of funding to help advance all of thefree, open source OWASP projects.

