Postman Engineering Blog
Security Training Doesn’t Have to Suck
We’ve all spent way too many years falling asleep to sitting through boring videos seemingly made in the 1900s–that you can’t speed…
Wiz Zero Critical Club!
Postman has joined Wiz’s Zero Critical Club, “a prestigious group of Wiz customers who have achieved the extraordinary feat of having zero…
Root Cause Analysis: Shai-Hulud 2.0
Postman Security knows that trust begins with transparency. So we are following up (as promised!) on the Shai Halud attack we first…
Smart API Security: The Power of LLMs and Postman MCP
APIs are the nervous system of modern software. They power apps, SaaS platforms, fintech products, and even your coffee machine. Yet, APIs…
Shai-Hulud 2.0 npm supply-chain attack
Update: our RCA has been posted here. Postman has discovered unusual activity in our NPM org relating to the ongoing “Shai-Hulud 2.0…
Postman Security: Playing Chess, Because Every Move Matters
In today’s rapidly evolving API landscape, security isn’t a box to check; it’s a dynamic, evolving strategy. At Postman, we’re not just…