Protecting your web APIs against cyber attacks and data breaches
The use of application programming interfaces (APIs) to provide access to applications and to business-critical data has naturally led to API security incidents. The growth of open banking APIs is expected to make this problem even more pervasive in the coming years.
Organizations exposing web APIs must balance ease of access to ensure adoption of APIs with control to prevent abuse or attacks. This typically involves using API gateways, combined with web application firewalls and other application security infrastructure where necessary, to implement API security.
But the widespread use of internal APIs, combined with mobile access and increased reliance on cloud APIs, make defending from the “edge” a risky strategy. The increasing use of hybrid approaches requires a more holistic view of API security.
Read on to learn the best practices Gartner recommends to secure your APIs against attacks and data breaches.