10 API Security

Most existing APIs are considered insecure. At least, that’s what API security experts agree with. According to Cequence Security, an API security vendor, account takeover (ATO) attacks on APIs increased by about 62% in the second half of 2021. ATO is just one of the most common types of attack vectors that can affect your API. These are usually related to cryptographic failures or the lack of secure storage and transmission of sensitive information. Making sure that your API is designed with security in mind is critical to protect you against attackers.

This chapter will begin by defining what API security is. First, you’ll get to know how to design secure APIs. You’ll then learn that software security is a well-studied area ...

Get Building an API Product now with the O’Reilly learning platform.

O’Reilly members experience books, live events, courses curated by job role, and more from O’Reilly and nearly 200 top publishers.

Start your free trial

Building an API Product by Bruno Pedro

10

API Security

Don’t leave empty-handed

It’s yours, free.

Check it out now on O’Reilly