The extensible reach of Application Programming Interfaces (APIs) has enabled enterprises to transform countless business processes into web services with seemingly limitless scale and reach. Or has it? This talk will introduce unique API caching methods to address the common performance and scalability challenges experienced by providers of RESTful APIs, and also discuss how cached APIs can protect against the latest security threats to web infrastructure at scale.By gleaning insights from Fastly's vast insight into the full range of web attacks against both its customers and itself, this talk will update on current web exploits and attacks, as well as analyze some of the latest attack profiles. It will also cover some of the latest improvements in Web PKI (SSL/TLS) that a website should absolutely be using for their web and API stack. Attendees will learn what online resources lack in detail about how to configure SSL/TLS amid continued turmoil around governments snooping on end user traffic, including the proper setup to make sure web application end users are protected.The ability to cache whole APIs, is a relatively new way to extend and scale API-based app architecture, without without sacrificing performance or security. This talk will offer attendees a first opportunity to learn how to configure and automate API caching for maximum performance and broad protection.