Securing APIs: The New Application Attack SurfaceBy Mike Rothman
The way applications are built, deployed, and maintained in most organizations is being disrupted. Macro changes include the ongoing cloud migration disrupting the tech stack, new application design patterns bringing microservices to the forefront, and DevOps changing dev/release practices. As we’ve been slowly navigating this sea change, the common thread across these changes is increasing reliance on Application Programming Interfaces (APIs).
APIs have quickly emerged as the most attractive and least- protected target within new applications because they have access to critical data and services.
In this paper, Securing APIs, we work through how application architecture and attack surfaces are changing, how application security needs to evolve to deal with these disruptions, and how to empower security in environments where DevOps rules the roost. So you are better prepared to protect whatever applications look like moving forward.
Our research is licensed by forward-looking companies that realize the importance of educating their communities on the rapidly changing technology landscape. We thank our friends at Salt Security for licensing this report. Our research is done using our Totally Transparent research methodology. This allows us to do impactful research while protecting our integrity.
You can download the paper (PDF).