Defending APIs

Preface

Part 1: Foundations of API Security

1 What Is API Security?

Why API security is important

The growth of the API economy

APIs are popular with developers

APIs are increasingly popular with attackers

Your existing tools do not work well for APIs

Developers often lack an understanding of API security

Exploring API building blocks

Rate limiting

Cryptography

Hashes, HMACs, and signatures

Transport security

Encoding

Examining API data formats

Understanding the elements of API security

DevOps

SAST, DAST, SCA, and WAFs

API management and gateways

API security platforms

Setting API security goals

The three pillars of security

Abuse and misuse cases

Data governance

A positive security model

Risk-based methodology

Summary

Further ...

Get Defending APIs now with the O’Reilly learning platform.

O’Reilly members experience books, live events, courses curated by job role, and more from O’Reilly and nearly 200 top publishers.

Start your free trial

Defending APIs by Colin Domoney

Table of Contents

Preface

Part 1: Foundations of API Security

1

What Is API Security?

Why API security is important

The growth of the API economy

APIs are popular with developers

APIs are increasingly popular with attackers

Your existing tools do not work well for APIs

Developers often lack an understanding of API security

Exploring API building blocks

Rate limiting

Cryptography

Hashes, HMACs, and signatures

Transport security

Encoding

Examining API data formats

Understanding the elements of API security

DevOps

SAST, DAST, SCA, and WAFs

API management and gateways

API security platforms

Setting API security goals

The three pillars of security

Abuse and misuse cases

Data governance

A positive security model

Risk-based methodology

Summary

Further ...

Don’t leave empty-handed

It’s yours, free.

Check it out now on O’Reilly