Escape

Sip, Savor, Secure: if you're in San Francisco on April 29 make sure to join our Security Uncorked Happy Hour ?? Vulnerabilities may never take a break, but you certainly deserve one. Join us for an afternoon filled with great food and drink, and even greater company! Security can feel like an endless race, and we're inviting you to put that on pause for an evening to relax, connect, and step back. Don't miss out on amazing chances to network, discover all of the surprises we have in store (and there are many ??), and enjoy some food and drinks all on us! Sign up now ?? https://lnkd.in/erbCDMss Miggo Security, GitGuardian, SplxAI, and Mend.io are co-sponsoring this event.

A five-star lunch and a deep dive into AI and API security? Who would say no! Only one week to go until our exclusive morning event in the Netherlands????? Don’t miss out on five-star insights and food, fascinating discussions and a great chance for networking with industry experts. Here’s what you have to look forward to:? ? Keynote by Rob Van der Deer, AI security star? ? Panel discussion with security leaders Anna Hackers (Philips), Curtis Koenig (Gen), Leandro Quibem Magnabosco (Ahold Delhaize), and Akansha S. (ABN Amro) ? Deep dive into data security with Matthew Radolec from Varonis and API security with Jean-Daniel PRINCE and Alexandra Charikova from Escape? ? Exclusive goodie bag??(the freebies keep coming!) Don’t miss out; places are limited so secure yours now??? https://lnkd.in/eQ4sNMTz ?? March 26, 2025? ?? Colosseum 9, 1213 NN Hilversum, Netherlands

What does the Medefer breach mean for API security? In a recent report, a whistleblower claimed that Medefer had an unprotected API that exposed patients' medical records from the NHS in the UK. Medefer is part of the NHS' e-referral system that transfers patient data. One of their APIs was accessible with no authorization ? This breaks fundamental business rules for protecting sensitive data (and embodies the OWASP API6 risk!) The CEO of Medefer said this vulnerability was not found in their penetration test months earlier. But why wait months to test? ? Pentests must be automated to continuously discover vulnerabilities as developers code them, not wait until it's too late So what does this vulnerability mean for Medefer's API security? ?? Hackers can automate calls to the API to extract personal data with no human intervention ??? Without request monitoring and alerts, they could even go undetected How do you prevent this becoming a breach? ?? Automate pentesting ?? Test for business logic to uncover access control and authorization issues ?? Implement rate-limiting to prevent brute-force scraping ?? Setup alerts for unusual API request patterns Discover more about how to ensure your APIs are secure with more articles here ?? https://lnkd.in/engrsJ7U

What do Escape's users appreciate the most on G2? The ease of integration ?? ? Gone are the days of developers having to wade through old code to fix vulnerabilities. Escape integrates seamlessly with your modern stack, including APIs, CI/CD, Wiz, and more ?? What does that mean? ?? Automatically detect vulnerabilities without slowing down deployments ?? Get security insights in minutes, not days ?? Save time with continuous, automated security testing ?? Developer-ready code snippets massively speed up remediation even further ?? Risk-based prioritization to focus on what actually matters ?? Scalability & Reliability – enjoy security that grows with your product without breaking workflows ?? Create your own workflows within the Escape tool In security, time (and sanity) are the most valuable things. Escape can help you and your developers save valuable time (and no more wild goose chases) so you can actually tackle what matters: remediation. As fast as possible. Discover more about how Escape can streamline and scale your security now ?? https://lnkd.in/eJ7AFF8S

In SF on April 29? Join us for the Security Uncorked Happy Hour ?? Prepare for an afternoon filled with aged wine (not aged vulnerabilities), incredible networking opportunities, and many surprises! As a security professional, you're always learning—how to secure new technologies, respond to zero days, and blind-taste your developers’ code (just like a sommelier preparing for their exam). We’re inviting you to?unwind, de-stress, and connect—one glass at a time. Enjoy great company, food, and drinks, all on us! Sign up here: https://lnkd.in/etu3uMWW This event is co-sponsored with Miggo Security, GitGuardian, SplxAI, Mend.io

How do you test and secure internal applications without disrupting your infrastructure? With Private Locations ?? Securing public applications is a given, but internal applications hidden behind firewalls, VPNs, or private networks are just as vulnerable. That’s why we built Private Locations - a powerful feature in Escape’s API security platform that enables seamless, secure security testing for internal applications without exposing them to the internet. ?? How do Private Locations work? At the core is the Escape Repeater, a lightweight tool that creates a secure reverse tunnel between Escape and your internal network, allowing you to scan, assess, and protect internal APIs, front-end apps, and SPAs effortlessly. ?? What’s New? Introducing Enhanced Private Locations! ?? Recently, we’ve taken things to the next level with: ? WebSocket Support – Internal APIs using WebSockets can now be fully tested for security vulnerabilities. ? Escape CLI Integration – Private Locations are now available through the Escape CLI, streamlining workflows and simplifying deployment. ?? Key Benefits of Private Locations ?? Unified Tooling - The Escape CLI now consolidates API interactions and Private Location management in a single binary, making it much less complex. ?? Improved Stability - Enjoy more reliable health checks and enhanced frontend DAST stability. ?? Easier Setup - No more manual repeater ID creation and no need for Node.js installation. ?? Enhanced Transparency - The Escape CLI is open-source, auditable, and includes direct log access from the Escape front-end. Don't neglect your internal applications! With Enhanced Private Locations, security teams can have greater visibility, better testing capabilities, and a smoother experience securing them. Want to find out more? Get started with Escape now ?? https://lnkd.in/eJ7AFF8S

Are you responsible for security at a HealthTech company? With so much protected healthcare information running through your applications, third-party connections everywhere, and health records being exchanged left, right, and centre, ensuring security and compliance can feel scary. It doesn't have to be. We've created a digestible one-stop guide to protecting your modern healthcare applications in line with key frameworks like HIPAA. Discover: ? The risks of non-compliance ? Recent regulations and why they apply to fintech ? How to tackle API security for HIPAA ? The HealthTech security checklist of what you need and how to implement it ? The tools you need to meet requirements ? How to go beyond tick-box compliance and build security into your processes Scroll through now ??

The best connections happen in person, and we’re excited to expand beyond webinars and blogs with a lineup of in-person events across the US and Europe, as well as ways to travel away from your legacy DAST. Discover them in our new newsletter ??

Come see us at Forum INCYBER Europe (FIC) this year ?? Be sure to catch the Escape team - Jean-Daniel PRINCE, Bryan BROUTA, Antoine Carossio, Tristan Kalos, Alexandra Charikova - at Stand F17-11 for all three days of this year's InCyber Forum Europe! Discover how Escape's DAST can help you uncover business logic vulnerabilities, see our proprietary algorithm in action, and come chat all things modern application security ?? We can't wait to see you there.

One day to go! ?? Following International Women's Day this weekend, we are so excited to be part of the conversation of bringing more women into cybersecurity. And what's the best way to do this? By highlighting the women who have made strides in the industry and see them give invaluable advice to those wanting to join or move up! Our very own Alexandra Charikova is part of tomorrow's panel of women in cyber, and here's the incredible lineup you can expect: ?? Sales:?Helene Hartmann (GitGuardian) ?? GRC: Cécilia Henry Audebrand (L?vell) ?? CISO: Irène Kleiber (Malt) ?? Legal: Garance Mathias (Mathias Avocats) ??Application Security: Marine du Mesnil (Theodo) If you're looking to meet other women in cyber, want to propel yourself in the industry, or even want to find out how to improve the recruitment of women on your security team, this event is not to be missed! With only 16 spots, make sure you get your free ticket now ?? https://lnkd.in/exM2vnev ?? Where?: Bpifrance (6-8 bd Haussmann, 75009 Paris) ? When?: Doors open at 6:30 PM | Roundtable starts at 7:00 PM