references
Chapter 1
[1] Cloudflare (2025). 2024 API security & management report. https://www.cloudflare.com/2024-api-security-management-report
[2] Akamai (2019, February 26). Akamai state of the internet security report: Retailers most common credential stuffing attack victim; points to dramatic rise in API traffic as key trend. https://www.akamai.com/newsroom/press-release/state-of-the-internet-security-retail-attacks-and-api-traffic
[3] Salt Security (2023). 2023 Q1 API security trends. https://salt.security/
[4] Emmons, Tom (2022, May 4). An attack surface workout for web application and API attacks. Akamai. https://www.akamai.com/blog/security/attack-surface-workout-web-application-api-attacks
[5] Kong (2023, July 27). API infrastructure is mission critical—and increasingly under attack. https://konghq.com/blog/enterprise/apis-are-mission-critical
[6] Postman (2024). 2023 State of the API report. https://www.postman.com/state-of-api/api-first-strategies
[7] Peralta, José Haro (2022). Microservice APIs: Using Python, Flask, FastAPI, OpenAPI, and More. Manning Publications.
[8] Biesack David (2023, February 15). API design first is not API design first. API Design Matters. https://apidesignmatters.substack.com/p/api-design-first-is-not-api-design
[9] Kocot, Daniel (2023, October 16–18). API first … no [video]. Presentation at the 2023 Platform Summit, Stockholm. https://youtu.be/aJsmK3XRjjY