1 What is API security?

 

This chapter covers

  • What is API security?
  • What is security-by-design for APIs?
  • Why does API security matter?
  • What are attack vectors in an API?
  • How does API security fit into the API development cycle?
  • How to keep pace with the field of API security

APIs are everywhere. Accounting for 57% of all web traffic (https://www.cloudflare.com/2024-api-security-management-report/), APIs are the engines that power the Internet. They allow organizations to offer services through well-defined interfaces. They power browser- and mobile-based applications. They enable service-to-service communication. They accelerate automation and bring uniform interfaces to core platforms. More and more organizations are discovering the benefits of APIs to optimize their services, automate their processes, and tap into new lines of business.

But here’s the thing: APIs represent gateways into our systems. Every time we create an API, we open a door that allows users to access data and functionality from our system. Of course, that’s the goal of an API: to expose data and functionality. And when properly implemented and secured, APIs are great. The danger comes when APIs aren’t properly secured.

1.1 What is API security?

 
 
 
 

1.2 What is API security by design?

 
 
 

1.2.1 API design

 
 

1.2.2 API implementation

 
 

1.2.3 Architecture

 
 

1.3 Why is API security important?

 

1.4 Unexpected vectors of attack

 
 
 

1.5 How does API security fit into the API development cycle?

 
 
 

1.6 The rapidly changing landscape of API security

 
 
 

1.7 Who is this book for and what you will learn

 
 
 
 

1.8 Summary

 
 
sitemap

Unable to load book!

The book could not be loaded.

(try again in a couple of minutes)

manning.com homepage