API is safe? what is the alternative?

in #steemit6 years ago

"Considering the past few incidents where exchanges had attacks causing
platform users heavy losses. Encrybit team concluded that major vulnerabilities in successful attacks
were found to be in API transportation.

Attacking API and Web Service protocols are the simplest ways for hackers to get control of transactions and get in the system.

API is utilized for algorithms
and third party trading application where it opens a pool of connections, therefore, less secured
is a connection more are the chances of successful attacks.
Then how to stop that risk?
Encrybit is focusing more on the security aspects, therefore having multiple security advisors and information security experts in the team is a plus. With that Encrybit is getting security architecture
services from the best in the industry. The Encrybit security expert team make sure to harden the security layers with accurate SDLC methodology.

security assessment practices include
the secure and modularized coding methods, secured server infrastructure, application & server penetration testing, and ethical hacking practices to make sure the correct implementation of security standards.

GENERAL USER SECURITY
1.png
 Two Factor Authentication
 Wallet Address Whitelisting
 Withdrawal Authentication
 Device Authentication
 IP Whitelisting
 Multi Signature Wallet
 Anti-Phishing Alert

TECHNICAL LEVEL SECURITY
2.png
 Cross Site Scripting
 SQL Injection
 Remote OS Command Injection
 Buffer Overflow
 CRLF Injection
 Parameter Tempering
 Heart Bleed OpenSSL Vulnerability
 Cross-Domain Misconfiguration
 Advanced SQL Injection
 Generic Padding Oracle
 LDAP Injection
 Denial of Service (DDOS Attack)
 Relative Path Confusion

SYSTEM LEVEL SECURITY
3.png
 HWS certified cold and active storage for managing fund
 Regular security auditing for system upgrade and stability.
 Test environment for applying security related patches.
 Regular encrypted database and system image backup with full mirror functionality.
 API calls are wrapped with SSL encrypted and cryptographic sign to prevent any phishing attack"

Learn more and stay in touch with Encrybit via the following:
Website: https://encrybit.io/
Whitepaper: https://encrybit.io/pdf/encrybit-wp-v1.pdf
Litepaper: https://encrybit.io/pdf/litepaper.pdf
Telegram: https://t.me/encrybit
Twitter: https://twitter.com/enbofficial

Sort:  

Congratulations @tranhaison! You received a personal award!

Happy Birthday! - You are on the Steem blockchain for 1 year!

You can view your badges on your Steem Board and compare to others on the Steem Ranking

Vote for @Steemitboard as a witness to get one more award and increased upvotes!