<?xml version="1.0" encoding="utf-8"?>
<rss version="2.0"><channel><title>Peakhour.IO - API Security</title><link>https://www.peakhour.io/</link><description></description><lastBuildDate>Fri, 19 Jun 2026 00:00:00 +1000</lastBuildDate><item><title>An Operating Model for API and Account Protection</title><link>https://www.peakhour.io/blog/api-account-protection-operating-model/</link><description>&lt;p&gt;API and account protection works best as an operating model: map routes, classify signals, choose proportionate actions, preserve evidence, and tune controls from monitor to enforce.&lt;/p&gt;</description><dc:creator xmlns:dc="http://purl.org/dc/elements/1.1/">AC</dc:creator><pubDate>Fri, 19 Jun 2026 00:00:00 +1000</pubDate><guid isPermaLink="false">tag:www.peakhour.io,2026-06-19:/blog/api-account-protection-operating-model/</guid><category>API Security</category><category>API Security</category><category>Account Protection</category><category>Log Forwarding</category><category>Rate Limiting</category><category>Contextual Security</category><category>Traffic Control</category></item><item><title>API Bot Abuse Does Not Stay in One Endpoint</title><link>https://www.peakhour.io/blog/api-bot-abuse-login-checkout-account-journeys/</link><description>&lt;p&gt;API bot abuse moves across login, checkout, and account journeys. Defenders need route-aware bot, rate, and account controls that follow the campaign rather than treating each endpoint as a separate incident.&lt;/p&gt;</description><dc:creator xmlns:dc="http://purl.org/dc/elements/1.1/">AC</dc:creator><pubDate>Fri, 19 Jun 2026 00:00:00 +1000</pubDate><guid isPermaLink="false">tag:www.peakhour.io,2026-06-19:/blog/api-bot-abuse-login-checkout-account-journeys/</guid><category>API Security</category><category>API Bot Protection</category><category>Bot Management</category><category>Account Protection</category><category>Rate Limiting</category><category>API Security</category><category>Threat Detection</category></item><item><title>API Protection and Account Protection Are One Request-Path Problem</title><link>https://www.peakhour.io/blog/api-protection-account-protection-request-path/</link><description>&lt;p&gt;Account protection does not stop at the login form. The same request path carries API, bot, rate, token, and account-risk evidence, and that is where the decision needs to happen.&lt;/p&gt;</description><dc:creator xmlns:dc="http://purl.org/dc/elements/1.1/">AC</dc:creator><pubDate>Fri, 19 Jun 2026 00:00:00 +1000</pubDate><guid isPermaLink="false">tag:www.peakhour.io,2026-06-19:/blog/api-protection-account-protection-request-path/</guid><category>API Security</category><category>API Security</category><category>Account Protection</category><category>Bot Management</category><category>Rate Limiting</category><category>Threat Detection</category><category>Fraud Prevention</category></item><item><title>The Real Cost of Breached Credentials</title><link>https://www.peakhour.io/blog/cost-of-breached-credentials/</link><description>&lt;p&gt;Breached credentials keep creating cost after the original breach. They feed credential stuffing, account takeover, fraud, support, and reputation costs across login, recovery, checkout, and API flows.&lt;/p&gt;</description><dc:creator xmlns:dc="http://purl.org/dc/elements/1.1/">AC</dc:creator><pubDate>Fri, 19 Jun 2026 00:00:00 +1000</pubDate><guid isPermaLink="false">tag:www.peakhour.io,2026-06-19:/blog/cost-of-breached-credentials/</guid><category>Account Protection</category><category>Account Protection</category><category>Credential Stuffing</category><category>Breached Credentials</category><category>Fraud Prevention</category><category>Bot Management</category><category>API Security</category><category>Residential Proxies</category></item><item><title>Credential Stuffing Does Not Stop at the Login Form</title><link>https://www.peakhour.io/blog/credential-stuffing-after-the-login/</link><description>&lt;p&gt;Credential stuffing risk continues after a password works. Account protection needs to watch password reset, email change, stored payment, gift card, and checkout flows.&lt;/p&gt;</description><dc:creator xmlns:dc="http://purl.org/dc/elements/1.1/">AC</dc:creator><pubDate>Fri, 19 Jun 2026 00:00:00 +1000</pubDate><guid isPermaLink="false">tag:www.peakhour.io,2026-06-19:/blog/credential-stuffing-after-the-login/</guid><category>API Security</category><category>API Security</category><category>Account Protection</category><category>Credential Stuffing</category><category>Bot Management</category><category>Breached Credentials</category><category>Fraud Prevention</category></item><item><title>Fingerprints Are Evidence, Not Identity</title><link>https://www.peakhour.io/blog/fingerprints-are-evidence-not-identity/</link><description>&lt;p&gt;Browser and network fingerprints are useful security evidence, but they should not be treated as proof of a person's identity.&lt;/p&gt;</description><dc:creator xmlns:dc="http://purl.org/dc/elements/1.1/">AC</dc:creator><pubDate>Fri, 19 Jun 2026 00:00:00 +1000</pubDate><guid isPermaLink="false">tag:www.peakhour.io,2026-06-19:/blog/fingerprints-are-evidence-not-identity/</guid><category>API Security</category><category>API Security</category><category>Fingerprinting</category><category>Bot Management</category><category>Account Protection</category><category>Network Fingerprinting</category><category>Browser Fingerprinting</category></item><item><title>Account Security Without Tracking People</title><link>https://www.peakhour.io/blog/privacy-respecting-account-security-risk-signals/</link><description>&lt;p&gt;Safer logins do not require treating people as products. Account defence should use minimised, purpose-bound risk signals and proportionate decisions.&lt;/p&gt;</description><dc:creator xmlns:dc="http://purl.org/dc/elements/1.1/">AC</dc:creator><pubDate>Fri, 19 Jun 2026 00:00:00 +1000</pubDate><guid isPermaLink="false">tag:www.peakhour.io,2026-06-19:/blog/privacy-respecting-account-security-risk-signals/</guid><category>API Security</category><category>API Security</category><category>Account Protection</category><category>Contextual Security</category><category>Privacy</category><category>Fingerprinting</category><category>Risk-Based Authentication</category></item><item><title>How Residential Proxies Changed API and Account Abuse</title><link>https://www.peakhour.io/blog/residential-proxies-api-account-abuse/</link><description>&lt;p&gt;Residential proxies have changed account abuse from obvious bursts into distributed, low-noise workflows across login, account, and API routes. Treat proxy use as a risk signal, not a blunt block rule.&lt;/p&gt;</description><dc:creator xmlns:dc="http://purl.org/dc/elements/1.1/">AC</dc:creator><pubDate>Fri, 19 Jun 2026 00:00:00 +1000</pubDate><guid isPermaLink="false">tag:www.peakhour.io,2026-06-19:/blog/residential-proxies-api-account-abuse/</guid><category>API Security</category><category>API Security</category><category>Account Protection</category><category>Residential Proxies</category><category>Bot Management</category><category>Rate Limiting</category><category>Threat Detection</category></item><item><title>Shadow APIs Are Account-Abuse Paths</title><link>https://www.peakhour.io/blog/shadow-apis-account-abuse/</link><description>&lt;p&gt;Shadow APIs matter because attackers do not care whether a route is documented. Mobile, partner, browser-backed, and legacy APIs can all become account-abuse paths when they remain outside normal controls.&lt;/p&gt;</description><dc:creator xmlns:dc="http://purl.org/dc/elements/1.1/">AC</dc:creator><pubDate>Fri, 19 Jun 2026 00:00:00 +1000</pubDate><guid isPermaLink="false">tag:www.peakhour.io,2026-06-19:/blog/shadow-apis-account-abuse/</guid><category>API Security</category><category>API Security</category><category>Shadow APIs</category><category>Account Protection</category><category>Bot Management</category><category>Threat Detection</category><category>DevSecOps</category></item><item><title>Price Transparency Is Now a Data Access Problem</title><link>https://www.peakhour.io/blog/price-transparency-apis-grey-zone-automation/</link><description>&lt;p&gt;Price comparison increasingly depends on current web and API data. Retailers need bot and API controls that can distinguish intended automated access from uncontrolled extraction.&lt;/p&gt;</description><dc:creator xmlns:dc="http://purl.org/dc/elements/1.1/">AC</dc:creator><pubDate>Mon, 18 May 2026 00:00:00 +1000</pubDate><guid isPermaLink="false">tag:www.peakhour.io,2026-05-18:/blog/price-transparency-apis-grey-zone-automation/</guid><category>API Security</category><category>API Security</category><category>Bot Management</category><category>Scraping Protection</category><category>Price Transparency</category><category>Automation</category><category>E-commerce</category></item><item><title>Agentic AI vs. Your API</title><link>https://www.peakhour.io/blog/agentic-ai-vs-your-api/</link><description>&lt;p&gt;Understand the shift from scripted bots to reasoning AI agents and how to adapt your security strategy for this new reality.&lt;/p&gt;</description><dc:creator xmlns:dc="http://purl.org/dc/elements/1.1/">AC</dc:creator><pubDate>Mon, 01 Sep 2025 00:00:00 +1000</pubDate><guid isPermaLink="false">tag:www.peakhour.io,2025-09-01:/blog/agentic-ai-vs-your-api/</guid><category>AI</category><category>Bot Management</category><category>API Security</category><category>Threat Detection</category><category>DevSecOps</category><category>Machine Learning</category><category>Credential Stuffing</category></item><item><title>Beyond the IP Address</title><link>https://www.peakhour.io/blog/beyond-the-ip-address-advanced-rate-limiting/</link><description>&lt;p&gt;Discover why traditional IP-based rate limiting is obsolete and how advanced techniques provide robust protection against modern distributed attacks.&lt;/p&gt;</description><dc:creator xmlns:dc="http://purl.org/dc/elements/1.1/">AC</dc:creator><pubDate>Mon, 01 Sep 2025 00:00:00 +1000</pubDate><guid isPermaLink="false">tag:www.peakhour.io,2025-09-01:/blog/beyond-the-ip-address-advanced-rate-limiting/</guid><category>Rate Limiting</category><category>Rate Limiting</category><category>DDoS</category><category>API Security</category><category>Residential Proxies</category><category>Bot Management</category><category>Account Protection</category></item><item><title>Key Considerations for Effective Bot Management</title><link>https://www.peakhour.io/blog/key-considerations-effective-bot-management/</link><description>&lt;p&gt;With nearly half of all internet traffic being automated, a robust bot management strategy is essential. This article explores the key considerations for effective bot detection, classification, and response in the face of evolving threats.&lt;/p&gt;</description><dc:creator xmlns:dc="http://purl.org/dc/elements/1.1/">AC</dc:creator><pubDate>Mon, 01 Sep 2025 00:00:00 +1000</pubDate><guid isPermaLink="false">tag:www.peakhour.io,2025-09-01:/blog/key-considerations-effective-bot-management/</guid><category>Bots</category><category>Bot Management</category><category>Threat Detection</category><category>API Security</category><category>Residential Proxies</category><category>Credential Stuffing</category><category>Account Protection</category></item><item><title>The Bot Spectrum</title><link>https://www.peakhour.io/blog/the-bot-spectrum-good-bad-grey-bots/</link><description>&lt;p&gt;Learn to classify bots into good, bad, and grey categories and apply the right management strategy for each.&lt;/p&gt;</description><dc:creator xmlns:dc="http://purl.org/dc/elements/1.1/">AC</dc:creator><pubDate>Mon, 01 Sep 2025 00:00:00 +1000</pubDate><guid isPermaLink="false">tag:www.peakhour.io,2025-09-01:/blog/the-bot-spectrum-good-bad-grey-bots/</guid><category>Bots</category><category>Bot Management</category><category>API Security</category><category>Threat Detection</category><category>DDoS</category><category>Residential Proxies</category><category>Rate Limiting</category></item><item><title>How to Use Bot Management for IAM Use Cases</title><link>https://www.peakhour.io/blog/bot-management-for-iam-use-cases/</link><description>&lt;p&gt;Bots are part of account takeover, fraud, scraping, and other abuse. Identity and access management leaders need a clear business case for bot management, or their organisations face avoidable account takeover losses and will be less prepared for the risks introduced when customers use AI agents.&lt;/p&gt;</description><dc:creator xmlns:dc="http://purl.org/dc/elements/1.1/">AC</dc:creator><pubDate>Wed, 20 Aug 2025 00:00:00 +1000</pubDate><guid isPermaLink="false">tag:www.peakhour.io,2025-08-20:/blog/bot-management-for-iam-use-cases/</guid><category>Security</category><category>Bot Management</category><category>Account Protection</category><category>Credential Stuffing</category><category>API Security</category><category>Threat Detection</category><category>Fraud Prevention</category></item><item><title>How AI Agents Are Writing Custom Exploits</title><link>https://www.peakhour.io/blog/ai-agents-custom-exploits/</link><description>&lt;p&gt;AI agents with reasoning capabilities like DeepSeek are revolutionizing exploit development, marking the end of traditional security approaches based on static rules and patterns.&lt;/p&gt;</description><dc:creator xmlns:dc="http://purl.org/dc/elements/1.1/">AC</dc:creator><pubDate>Mon, 17 Feb 2025 14:00:00 +1100</pubDate><guid isPermaLink="false">tag:www.peakhour.io,2025-02-17:/blog/ai-agents-custom-exploits/</guid><category>Security</category><category>Application Security</category><category>Threat Detection</category><category>DevSecOps</category><category>Bot Management</category><category>API Security</category><category>DDoS</category></item><item><title>When Bots Are Your Primary Users</title><link>https://www.peakhour.io/blog/future-of-apis-bot-primary-users/</link><description>&lt;p&gt;An exploration of how AI agents are reshaping API design principles and why we must evolve our approach to serve both machine and human consumers.&lt;/p&gt;</description><dc:creator xmlns:dc="http://purl.org/dc/elements/1.1/">AC</dc:creator><pubDate>Wed, 12 Feb 2025 14:00:00 +1100</pubDate><guid isPermaLink="false">tag:www.peakhour.io,2025-02-12:/blog/future-of-apis-bot-primary-users/</guid><category>Security</category><category>Bot Management</category><category>API Security</category><category>Machine Learning</category></item><item><title>Data-Driven Risk Management</title><link>https://www.peakhour.io/blog/data-driven-risk-management-contextual-security/</link><description>&lt;p&gt;How Peakhour's contextual security aligns with Visa's data-driven risk management approach in the 2025-2028 Security Roadmap.&lt;/p&gt;</description><dc:creator xmlns:dc="http://purl.org/dc/elements/1.1/">AC</dc:creator><pubDate>Fri, 07 Feb 2025 00:00:00 +1100</pubDate><guid isPermaLink="false">tag:www.peakhour.io,2025-02-07:/blog/data-driven-risk-management-contextual-security/</guid><category>Account Protection</category><category>Account Protection</category><category>Application Security</category><category>Credential Stuffing</category><category>API Security</category><category>Threat Detection</category><category>PCI DSS</category></item><item><title>Did Residential Proxies enable a $600 Billion loss?</title><link>https://www.peakhour.io/blog/residential-proxies-deepseek/</link><description>&lt;p&gt;How residential proxy networks may have enabled DeepSeek to bypass AI platform protections, leading to Nvidia's historic market value loss&lt;/p&gt;</description><dc:creator xmlns:dc="http://purl.org/dc/elements/1.1/">AC</dc:creator><pubDate>Fri, 31 Jan 2025 00:00:00 +1100</pubDate><guid isPermaLink="false">tag:www.peakhour.io,2025-01-31:/blog/residential-proxies-deepseek/</guid><category>Residential Proxies</category><category>Residential Proxies</category><category>CDN</category><category>Bot Management</category><category>Machine Learning</category><category>API Security</category><category>Threat Detection</category></item><item><title>Preventing Enumeration Attacks</title><link>https://www.peakhour.io/blog/preventing-enumeration-attacks-visa-roadmap/</link><description>&lt;p&gt;An analysis of how Peakhour's solutions help prevent enumeration attacks, aligning with Visa's Security Roadmap 2025-2028 priorities.&lt;/p&gt;</description><dc:creator xmlns:dc="http://purl.org/dc/elements/1.1/">AC</dc:creator><pubDate>Fri, 24 Jan 2025 00:00:00 +1100</pubDate><guid isPermaLink="false">tag:www.peakhour.io,2025-01-24:/blog/preventing-enumeration-attacks-visa-roadmap/</guid><category>Security</category><category>Account Protection</category><category>Credential Stuffing</category><category>PCI DSS</category><category>API Security</category><category>Fraud Prevention</category><category>Threat Detection</category></item><item><title>Managing Bots For Application Security</title><link>https://www.peakhour.io/blog/enterprise-bot-management-application-security/</link><description>&lt;p&gt;Comprehensive guide to enterprise bot management for modern application security platforms. Learn how to protect applications and APIs from sophisticated bot threats including anti-detect browsers, credential stuffing, and automated attacks targeting DevOps environments.&lt;/p&gt;</description><dc:creator xmlns:dc="http://purl.org/dc/elements/1.1/">AC</dc:creator><pubDate>Sun, 15 Sep 2024 00:00:00 +1000</pubDate><guid isPermaLink="false">tag:www.peakhour.io,2024-09-15:/blog/enterprise-bot-management-application-security/</guid><category>Bots</category><category>Bot Management</category><category>API Security</category><category>Credential Stuffing</category><category>Account Protection</category><category>DevSecOps</category><category>Application Security</category></item><item><title>The Challenge of Proxy Detection</title><link>https://www.peakhour.io/blog/proxy-detection-challenges-existing-solutions/</link><description>&lt;p&gt;Examine why current security solutions fail to detect and mitigate threats from residential proxies, and the need for comprehensive protection strategies.&lt;/p&gt;</description><dc:creator xmlns:dc="http://purl.org/dc/elements/1.1/">AC</dc:creator><pubDate>Fri, 19 Jul 2024 10:00:00 +1000</pubDate><guid isPermaLink="false">tag:www.peakhour.io,2024-07-19:/blog/proxy-detection-challenges-existing-solutions/</guid><category>Residential Proxies</category><category>Residential Proxies</category><category>Bot Management</category><category>Credential Stuffing</category><category>Account Protection</category><category>API Security</category><category>Threat Detection</category></item><item><title>Account Protection and User Experience in Web Applications</title><link>https://www.peakhour.io/blog/frictionless-customer-experiences/</link><description>&lt;p&gt;Explore strategies to enhance web application security without compromising user experience, focusing on contextual security and adaptive authentication measures.&lt;/p&gt;</description><dc:creator xmlns:dc="http://purl.org/dc/elements/1.1/">AC</dc:creator><pubDate>Wed, 17 Jul 2024 10:00:00 +1000</pubDate><guid isPermaLink="false">tag:www.peakhour.io,2024-07-17:/blog/frictionless-customer-experiences/</guid><category>Account Protection</category><category>Account Protection</category><category>Credential Stuffing</category><category>Application Security</category><category>Fraud Prevention</category><category>API Security</category><category>Magento</category></item><item><title>2024 Survey Insights</title><link>https://www.peakhour.io/blog/credential-stuffing-and-account-takeover-survey-2024/</link><description>&lt;p&gt;Our 2024 survey of Australian CISOs and CTOs looks at how businesses are approaching account protection, particularly credential stuffing and residential proxies.&lt;/p&gt;</description><dc:creator xmlns:dc="http://purl.org/dc/elements/1.1/">AC</dc:creator><pubDate>Tue, 16 Jul 2024 10:00:00 +1000</pubDate><guid isPermaLink="false">tag:www.peakhour.io,2024-07-16:/blog/credential-stuffing-and-account-takeover-survey-2024/</guid><category>Account Protection</category><category>Account Protection</category><category>Credential Stuffing</category><category>Residential Proxies</category><category>API Security</category><category>Bot Management</category><category>DevSecOps</category></item><item><title>2024 Survey Insights</title><link>https://www.peakhour.io/blog/credential-stuffing-and-account-takeover-survey-2024-full/</link><description>&lt;p&gt;Survey data from Australian CISOs and CTOs shows broad MFA adoption, lower bot protection uptake, and early attention on residential proxy detection for credential stuffing and account takeover risk.&lt;/p&gt;</description><dc:creator xmlns:dc="http://purl.org/dc/elements/1.1/">AC</dc:creator><pubDate>Tue, 16 Jul 2024 10:00:00 +1000</pubDate><guid isPermaLink="false">tag:www.peakhour.io,2024-07-16:/blog/credential-stuffing-and-account-takeover-survey-2024-full/</guid><category>Account Protection</category><category>Account Protection</category><category>Credential Stuffing</category><category>Residential Proxies</category><category>API Security</category><category>Fraud Prevention</category><category>Bot Management</category></item><item><title>Application Security Beyond MFA</title><link>https://www.peakhour.io/blog/why-mfa-is-an-incomplete-defence/</link><description>&lt;p&gt;MFA helps, but it does not stop social engineering, residential proxy abuse, credential stuffing, or session risk on its own.&lt;/p&gt;</description><dc:creator xmlns:dc="http://purl.org/dc/elements/1.1/">AC</dc:creator><pubDate>Mon, 15 Jul 2024 10:00:00 +1000</pubDate><guid isPermaLink="false">tag:www.peakhour.io,2024-07-15:/blog/why-mfa-is-an-incomplete-defence/</guid><category>Account Protection</category><category>Account Protection</category><category>Credential Stuffing</category><category>Bot Management</category><category>API Security</category><category>Residential Proxies</category><category>Threat Detection</category></item><item><title>Addressing Key Cloud Security Categories</title><link>https://www.peakhour.io/blog/peakhour-cloud-security-post-wiz/</link><description>&lt;p&gt;An analysis of Peakhour's role in addressing key cloud security categories identified in recent industry analysis, demonstrating its comprehensive approach to modern cloud security challenges.&lt;/p&gt;</description><dc:creator xmlns:dc="http://purl.org/dc/elements/1.1/">AC</dc:creator><pubDate>Wed, 01 May 2024 10:00:00 +1000</pubDate><guid isPermaLink="false">tag:www.peakhour.io,2024-05-01:/blog/peakhour-cloud-security-post-wiz/</guid><category>Security</category><category>API Security</category><category>Threat Detection</category><category>Account Protection</category><category>DevSecOps</category><category>Application Security</category><category>CDN</category></item><item><title>Managing Breached Credential Usage</title><link>https://www.peakhour.io/blog/breached-credentials-protection-application-security-platform/</link><description>&lt;p&gt;How breached credential checks and risk signals help detect credential stuffing without adding unnecessary login friction.&lt;/p&gt;</description><dc:creator xmlns:dc="http://purl.org/dc/elements/1.1/">AC</dc:creator><pubDate>Fri, 15 Mar 2024 00:00:00 +1100</pubDate><guid isPermaLink="false">tag:www.peakhour.io,2024-03-15:/blog/breached-credentials-protection-application-security-platform/</guid><category>Account Protection</category><category>Credential Stuffing</category><category>Account Protection</category><category>DevSecOps</category><category>Application Security</category><category>Threat Detection</category><category>API Security</category></item><item><title>Rate Limiting for API Security</title><link>https://www.peakhour.io/blog/introducing-advanced-rate-limiting/</link><description>&lt;p&gt;How advanced rate limiting protects modern applications and APIs from sophisticated threats including proxy networks, distributed attacks, and automated abuse in enterprise security environments.&lt;/p&gt;</description><dc:creator xmlns:dc="http://purl.org/dc/elements/1.1/">AC</dc:creator><pubDate>Wed, 24 Jan 2024 13:00:00 +1100</pubDate><guid isPermaLink="false">tag:www.peakhour.io,2024-01-24:/blog/introducing-advanced-rate-limiting/</guid><category>Application Security</category><category>Rate Limiting</category><category>API Security</category><category>DDoS</category><category>Residential Proxies</category><category>Bot Management</category><category>Threat Detection</category></item><item><title>HTTP Security Headers</title><link>https://www.peakhour.io/blog/http-security-headers-web-application-protection/</link><description>&lt;p&gt;Comprehensive guide to HTTP security headers for protecting web applications from client-side attacks. Learn essential browser security configurations for modern application security platforms and DevSecOps workflows.&lt;/p&gt;</description><dc:creator xmlns:dc="http://purl.org/dc/elements/1.1/">AC</dc:creator><pubDate>Tue, 28 Nov 2023 14:00:00 +1100</pubDate><guid isPermaLink="false">tag:www.peakhour.io,2023-11-28:/blog/http-security-headers-web-application-protection/</guid><category>Security</category><category>Application Security</category><category>Account Protection</category><category>API Security</category><category>Credential Stuffing</category><category>Drupal</category><category>DDoS</category></item><item><title>Google Chrome's "IP Protection" vs Apple Private Relay</title><link>https://www.peakhour.io/blog/apple-private-relay-vs-google-ip-protection/</link><description>&lt;p&gt;An exploration of Google Chrome's new "IP Protection" feature and a comparison with Apple's iCloud Private Relay.&lt;/p&gt;</description><dc:creator xmlns:dc="http://purl.org/dc/elements/1.1/">AC</dc:creator><pubDate>Wed, 25 Oct 2023 13:00:00 +1100</pubDate><guid isPermaLink="false">tag:www.peakhour.io,2023-10-25:/blog/apple-private-relay-vs-google-ip-protection/</guid><category>Security</category><category>Residential Proxies</category><category>API Security</category><category>Account Protection</category><category>GDPR</category><category>Fingerprinting</category><category>Bot Management</category></item><item><title>Google Chrome's "IP Protection" and Online Privacy</title><link>https://www.peakhour.io/blog/google-chrome-ip-protection-and-online-privacy/</link><description>&lt;p&gt;An exploration of Google Chrome's new "IP Protection" feature, its promise of enhanced privacy.&lt;/p&gt;</description><dc:creator xmlns:dc="http://purl.org/dc/elements/1.1/">AC</dc:creator><pubDate>Tue, 24 Oct 2023 13:00:00 +1100</pubDate><guid isPermaLink="false">tag:www.peakhour.io,2023-10-24:/blog/google-chrome-ip-protection-and-online-privacy/</guid><category>Security</category><category>Residential Proxies</category><category>Account Protection</category><category>API Security</category><category>DDoS</category><category>Fingerprinting</category><category>Bot Management</category></item><item><title>ModSecurity’s End-of-Life</title><link>https://www.peakhour.io/blog/modsecurity-eol-modern-application-security-platforms/</link><description>&lt;p&gt;ModSecurity's end-of-life marks a pivotal moment in application security evolution. Discover how modern Application Security Platforms are advancing beyond traditional WAF approaches to provide comprehensive protection for web applications and APIs at the edge.&lt;/p&gt;</description><dc:creator xmlns:dc="http://purl.org/dc/elements/1.1/">AC</dc:creator><pubDate>Mon, 16 Oct 2023 13:00:00 +1100</pubDate><guid isPermaLink="false">tag:www.peakhour.io,2023-10-16:/blog/modsecurity-eol-modern-application-security-platforms/</guid><category>Security</category><category>Application Security</category><category>DevSecOps</category><category>API Security</category><category>DDoS</category><category>Threat Detection</category><category>SOC 2</category></item><item><title>Understanding the HTTP/2 Rapid Reset Attack</title><link>https://www.peakhour.io/blog/http-rapid-reset-attack/</link><description>&lt;p&gt;A comprehensive breakdown of the HTTP/2 Rapid Reset flaw and guidance on bolstering defences against potential DDoS attacks.&lt;/p&gt;</description><dc:creator xmlns:dc="http://purl.org/dc/elements/1.1/">AC</dc:creator><pubDate>Wed, 11 Oct 2023 00:00:00 +1100</pubDate><guid isPermaLink="false">tag:www.peakhour.io,2023-10-11:/blog/http-rapid-reset-attack/</guid><category>Security</category><category>DDoS</category><category>Rate Limiting</category><category>DNS</category><category>API Security</category><category>Bot Management</category><category>Threat Detection</category></item><item><title>Headless Commerce Security</title><link>https://www.peakhour.io/blog/headless-commerce-security-api-protection/</link><description>&lt;p&gt;Comprehensive analysis of security challenges in headless commerce and Single Page Applications. Learn how to protect modern e-commerce APIs and microservices architectures from scraping, fraud, and automated attacks.&lt;/p&gt;</description><dc:creator xmlns:dc="http://purl.org/dc/elements/1.1/">Dan</dc:creator><pubDate>Wed, 28 Jun 2023 00:00:00 +1000</pubDate><guid isPermaLink="false">tag:www.peakhour.io,2023-06-28:/blog/headless-commerce-security-api-protection/</guid><category>Security</category><category>API Security</category><category>Magento</category><category>Account Protection</category><category>Drupal</category><category>Application Security</category><category>Bot Management</category></item><item><title>Enterprise DDoS Protection</title><link>https://www.peakhour.io/blog/enterprise-ddos-protection-microsoft-365-application-security/</link><description>&lt;p&gt;Analysis of the Microsoft 365 DDoS attack by Storm-1359 reveals critical lessons for enterprise application security platforms. Learn advanced Layer 7 DDoS protection strategies and rate limiting techniques for modern applications.&lt;/p&gt;</description><dc:creator xmlns:dc="http://purl.org/dc/elements/1.1/">AC</dc:creator><pubDate>Mon, 19 Jun 2023 00:00:00 +1000</pubDate><guid isPermaLink="false">tag:www.peakhour.io,2023-06-19:/blog/enterprise-ddos-protection-microsoft-365-application-security/</guid><category>DDoS</category><category>DDoS</category><category>Threat Detection</category><category>Rate Limiting</category><category>Application Security</category><category>Account Protection</category><category>API Security</category></item><item><title>Chrome's TLS Extension Randomisation Experiment</title><link>https://www.peakhour.io/blog/tls-extension-randomisation/</link><description>&lt;p&gt;Does TLS extension randomisation assist in hiding Chrome?&lt;/p&gt;</description><dc:creator xmlns:dc="http://purl.org/dc/elements/1.1/">AC</dc:creator><pubDate>Thu, 02 Feb 2023 13:00:00 +1100</pubDate><guid isPermaLink="false">tag:www.peakhour.io,2023-02-02:/blog/tls-extension-randomisation/</guid><category>Security</category><category>TLS Fingerprinting</category><category>TLS</category><category>Browser Fingerprinting</category><category>Fingerprinting</category><category>API Security</category></item><item><title>IP Threat Intelligence</title><link>https://www.peakhour.io/blog/ip-threat-intelligence/</link><description>&lt;p&gt;Comprehensive guide to IP threat intelligence for modern application security platforms. Learn how managed IP reputation lists and threat intelligence feeds protect applications from known malicious sources and emerging threats.&lt;/p&gt;</description><dc:creator xmlns:dc="http://purl.org/dc/elements/1.1/">AC</dc:creator><pubDate>Fri, 15 Jul 2022 13:00:00 +1000</pubDate><guid isPermaLink="false">tag:www.peakhour.io,2022-07-15:/blog/ip-threat-intelligence/</guid><category>Security</category><category>Threat Detection</category><category>DDoS</category><category>Rate Limiting</category><category>API Security</category><category>Bot Management</category><category>Networking</category></item><item><title>CVE-2022-26134</title><link>https://www.peakhour.io/blog/cve202226134-atlassian-confluence/</link><description>&lt;p&gt;Peakhour clients are protected against CVF-2022-26134 Atlassian Confluence RCE&lt;/p&gt;</description><dc:creator xmlns:dc="http://purl.org/dc/elements/1.1/">AC</dc:creator><pubDate>Thu, 02 Jun 2022 00:00:00 +1000</pubDate><guid isPermaLink="false">tag:www.peakhour.io,2022-06-02:/blog/cve202226134-atlassian-confluence/</guid><category>Security</category><category>API Security</category><category>DDoS</category><category>Rate Limiting</category><category>Application Security</category><category>Credential Stuffing</category><category>Features</category></item><item><title>Intelligent Rate Limiting</title><link>https://www.peakhour.io/blog/rate-limiting/</link><description>&lt;p&gt;Comprehensive guide to intelligent rate limiting for modern application security platforms. Learn how sophisticated rate limiting protects APIs and web applications from abuse, DDoS attacks, and automated threats whilst maintaining optimal user experience.&lt;/p&gt;</description><dc:creator xmlns:dc="http://purl.org/dc/elements/1.1/">AC</dc:creator><pubDate>Mon, 16 May 2022 13:00:00 +1000</pubDate><guid isPermaLink="false">tag:www.peakhour.io,2022-05-16:/blog/rate-limiting/</guid><category>DDoS</category><category>Rate Limiting</category><category>DDoS</category><category>API Security</category><category>Bot Management</category><category>Application Security</category><category>Threat Detection</category></item><item><title>Rate limiting</title><link>https://www.peakhour.io/blog/rate-limiting-how-it-works/</link><description>&lt;p&gt;How can rate limiting protect your web application and the key items to consider when enabling.&lt;/p&gt;</description><dc:creator xmlns:dc="http://purl.org/dc/elements/1.1/">AC</dc:creator><pubDate>Mon, 16 May 2022 13:00:00 +1000</pubDate><guid isPermaLink="false">tag:www.peakhour.io,2022-05-16:/blog/rate-limiting-how-it-works/</guid><category>DDoS</category><category>Rate Limiting</category><category>API Security</category><category>DDoS</category><category>Application Security</category><category>Web Performance</category><category>Bot Management</category></item><item><title>Why Manage Bots?</title><link>https://www.peakhour.io/blog/bad-bot-countermeasures/</link><description>&lt;p&gt;Comprehensive guide to enterprise bot management and advanced countermeasures for protecting applications against sophisticated malicious bot threats. Learn proven strategies for bot detection, mitigation, and automated defence systems.&lt;/p&gt;</description><dc:creator xmlns:dc="http://purl.org/dc/elements/1.1/">AC</dc:creator><pubDate>Mon, 30 Nov 2020 13:00:00 +1100</pubDate><guid isPermaLink="false">tag:www.peakhour.io,2020-11-30:/blog/bad-bot-countermeasures/</guid><category>Bots</category><category>Bot Management</category><category>DDoS</category><category>API Security</category><category>Threat Detection</category><category>Residential Proxies</category><category>Credential Stuffing</category></item><item><title>Malicious Bot Threats</title><link>https://www.peakhour.io/blog/malicious-bot-threats-enterprise-application-security/</link><description>&lt;p&gt;Comprehensive analysis of malicious bot threats targeting modern applications and APIs. Learn how enterprise bot management protects against automated attacks, credential stuffing, price scraping, and sophisticated bot-driven financial damage.&lt;/p&gt;</description><dc:creator xmlns:dc="http://purl.org/dc/elements/1.1/">AC</dc:creator><pubDate>Wed, 12 Aug 2020 13:00:00 +1000</pubDate><guid isPermaLink="false">tag:www.peakhour.io,2020-08-12:/blog/malicious-bot-threats-enterprise-application-security/</guid><category>Bots</category><category>Bot Management</category><category>Credential Stuffing</category><category>API Security</category><category>Account Protection</category><category>Residential Proxies</category><category>Fraud Prevention</category></item></channel></rss>