Blog

Composable Security APIs highlighted in new Gartner Hype Cycle report. As cloud applications grow and AI-powered software becomes more prevalent, a Composable Security API approach to security is essential for building and scaling your apps efficient...

Sep 10, 2024

Your data has been exposed—and not because of a classic bug, but because your LLM accidentally leaked it. Sensitive information disclosure is a growing concern, especially with the rise of Large Language Models (LLMs) in our apps. This vulnerability ...

Sep 5, 2024

In the ever-evolving landscape of AI code generation and developer assistance tools, providing users with accurate and relevant information quickly is crucial. To help ensure that developers can swiftly and easily add security features to their produ...

Sep 5, 2024

What is authorization (AuthZ)? Authorization is a cornerstone of enterprise security. It dictates who can access specific resources, what actions they can perform, when, and the authorization logic can be as rigorous as to include attributes such as ...

Sep 4, 2024

Account takeover (often abbreviated as ATO) is a compromise where a user has lost control of their authentication credentials resulting in them being exposed to malicious actors. These credentials are then used to commit data theft, fraud, and other ...

Sep 3, 2024

"Your data may have been exposed". The reason you hear this statement is to meet compliance with the Health Insurance Portability and Accountability Act (HIPAA). This law is a critical aspect of protecting sensitive patient information and identifia...

Aug 22, 2024

Audit logs are a critical component of enterprise systems, providing a detailed record of activities within an information system. They serve as the backbone for security monitoring, compliance, and operational analysis, making them indispensable for...

Aug 21, 2024

Extend Auth0 log retention to 10 years in under 2 mins! While Auth0 by Okta offers up to 30 days of log retention, your app likely needs more - often to become compliant with SOC2, HIPAA, and others. Extend Auth0 log retention to up to 10 years with ...

Jul 24, 2024

“We had 100 signups today!” is one of the most beautiful things you can hear as a young startup. It’s a sign that you’re doing something right. Your product solves a real problem. Your marketing is getting in front of the right people. Your signup fl...

Jul 18, 2024

Businesses face a growing number of security threats, however, despite wide rollout of multi-factor authentication (MFA) and a wide compliance level focus on password policies, credential compromise remains a significant threat. Monitoring for creden...

Jun 17, 2024

In a world where hackers are trying to brute force user accounts (23andMe breach 2023), it is vital for developers to maintain a long-lasting and tamper-proof audit log of all authentication events to keep their apps secure. While many companies use ...

Jun 7, 2024

Pangea joins GitHub Copilot Extensions Partner Program We are thrilled to join the GitHub Copilot Partner Program and launch the Pangea extension for Github Copilot, which Microsoft CEO Satya Nadella announced at the Microsoft Build 2024 Keynote. Mil...

Jun 1, 2024

At first glance, authorization seems easier than authentication. After all, with authentication you have to worry about user onboarding, social auth, MFA, password resets, and more. Authorization starts from the simple question of: “Can this user see...

May 28, 2024

Palo Alto, California — May 21, 2024 —Pangea, the leader in Composable Security APIs for application development, today announced its participation in the Copilot Partner Program and the limited public beta of the Pangea extension for Github Copilot,...

May 21, 2024

Thanks to everyone who participated in the Pangea Securathon Showdown hosted on Devpost! I was blown away by the 470+ registrants and the distinctive collection of projects that users submitted in just 6 short weeks. Your contributions creatively cov...

May 13, 2024

I’ve lost count of how many RSA Tokens, Yubikeys, and the like I’ve collected, lost, misplaced, replaced, and cursed over the years. While they’re exceptionally secure, they’re a pain for both administrators to deploy and users to keep track of. Eith...

May 13, 2024

Passkeys, passkeys, passkeys! Everyone's talking about them. With Amazon rolling out passkeys last year and Google encouraging users to make them the default authentication method, it raises the question: How do I add them to my app? How do passkeys ...

May 10, 2024

Passkeys, passkeys, passkeys! Everyone's talking about them. With Amazon rolling out passkeys last year and Google encouraging users to make them the default authentication method, it raises the question: How do I add them to my app? How do passkeys ...

May 10, 2024