SaaS, web and mobile applications are increasingly being built on application programming interfaces (APIs). Attacks targeting these APIs have become more prevalent and vulnerabilities in APIs continue to be disclosed, both leading to high profile breaches and negative headlines. The problem is compounded by many organizations continuing to rely on traditional security approaches designed to protect applications that were fundamentally different from those being developed today, as APIs have proliferated across environments to enable modern applications.
In this webinar, we will explore how enterprises need to adopt a proactive ‘monitor and respond’ approach rather than focusing solely on secure perimeters and access controls, and discuss how to prevent an attacker from exploiting unique API vulnerabilities.
Key takeaways:
- Understanding the complexity of modern APIs, and how attackers can exploit them.
- How to maintain a current catalog of APIs including where sensitive data is exposed and transmitted.
- The importance of learning the unique logic and behavior of each API at a granular level to identify and stop malicious activity.
- How security and development teams can improve workflows to improve API security
- Steps in building an effective security strategy for modern web applications