The Practical Guide to API Security
APIs are fast becoming the de facto tool for connecting businesses, eliminating silos within the enterprise, safely exposing data, and breaking down monolithic applications into maintainable and reusable services.
As the use of APIs has increased, however, so has the attack surface of your system and therefore the risk that they pose. In the rush to realize the benefits of APIs and services, many organizations sideline and ignore vulnerabilities and crucial processes.
One of the most critical disciplines that fall to the side is API security. Obviously, API security is an area that can’t be ignored.
"APIs are rapidly becoming one of the most important infrastructural layers of the Internet. They are difficult to secure and determined hackers are extremely tenacious in finding ways to exploit them.” -David Berlind, ProgrammableWeb Editor in Chief
This eBook is intended for developers, technical leads, architects, and IT and tech-savvy business leaders interested in building and securing a robust API environment.
At the end of this eBook, you’ll have a practical understanding of how to assess your API security posture, what needs to be done to implement API security, and a vision of how to mature your security as your enterprise’s use of APIs increases.
ADOPTION & EXPANSION
+ Number of APIs
+ Business coverage
+ Number of contracted apps
+ API usage
+ API reuse
EFFICIENCY & COST SAVINGS
+ Number of APIs in each SDLC stage
+ Time spent in each SDLC stage
+ Cost and time to build an API
+ App development velocity
+ Number of launches per year
+ Number of defects
SECURITY & VULNERABILITIES
+ Security violation
+ Policy enforcement
+ Time since the last version was published
+ Number of throttling issues
+ Time to onboard
+ Number of deployments
+ Number of incidents
+ Percentage of customers impacted. per incident
+ Time to resolve incidents