Tag
shadow-apis
Safeguard articles tagged "shadow-apis" — guides, analysis, and best practices for software supply chain and application security.
3 articles
Application Security
How to Discover Shadow and Undocumented APIs Before Attackers Do
A single undocumented API endpoint exposed 10 million Optus records in 2022. Here's how to find shadow APIs in production and assess their real exposure.
Jul 10, 20266 min read
Application Security
API security and the rise of shadow/zombie APIs
Shadow and zombie APIs caused breaches at Optus, T-Mobile, and Peloton. Here's why code-scanning tools miss them and what API security best practices actually work.
Jun 26, 20267 min read
Industry Analysis
Improper Inventory Management: Shadow and Zombie APIs
Undocumented shadow APIs and forgotten zombie endpoints are quietly expanding attack surface. Here's why inventory gaps cause breaches like T-Mobile and Optus.
Nov 5, 20257 min read