Cybersecurity firm Salt Labs discovered a GraphQL API authorization vulnerability in a large B2B financial technology platform. It would give attackers the ability to submit unauthorized transactions ...

Unlock the full InfoQ experience by logging in! Stay updated with your favorite authors and topics, engage with content, and download exclusive resources. Cory Benfield discusses the evolution of ...

APIs power modern applications from SaaS and web apps, to Internet of Things (IoT) and AI-driven services. As enterprises accelerate digital transformation, the need for seamless, scalable API ...

Authorization vulnerabilities are the most common critical finding in our API penetration tests. We find them on nearly every ...

A monthly overview of things you need to know as an architect or aspiring architect. Unlock the full InfoQ experience by logging in! Stay updated with your favorite authors and topics, engage with ...

Every traditional web or mobile application requires API orchestration – the complex logic that coordinates how APIs are called, sequenced, cached, and secured. Over the last decade, GraphQL emerged ...

Application development has a long history of quick evolution and transformation, perhaps faster than any other industry. The tools we use to create and host our applications are constantly changing.

GraphQL, the Facebook-incubated data query language, is moving into its own open-source foundation. Like so many other similar open-source foundations, the aptly named GraphQL Foundation will be ...

GraphQL seems to be spreading like wildfire, and there's a reason for that. As REST APIs are proliferating, the promise of accessing them all through a single query language and hub, which is what ...

Hasura is an open-source engine that can connect to PostgreSQL databases and microservices across hybrid- and multi-cloud environments and then automatically build a GraphQL API backend for them, ...