Application programming interfaces (APIs) enable developers to quickly and easily roll-out services but they’re also equally attractive to attackers. This is because they can provide ready access to back-end systems and sensitive data sets. What makes these attacks so interesting is how they are executed: unlike a traditional “hack,” an API attack doesn’t hinge on there being something wrong with the API. Rather, attackers can legitimately use the way an API functions against it and … Continue reading API security warrants its own specific solution