3. Monitor API Traffic for Unauthorized Access Attempts and Suspicious Activity

Just like you should monitor web traffic to detect malicious activity, you should also track API requests to identify suspicious behavior that could indicate an attack or unauthorized access attempt. This is especially important for APIs that are open to public use, but even internal-only APIs can be targeted by attackers who gain access to authorized users’ credentials through phishing attacks or other means.

tl;dr: Don’t let your users become victims of a phishing scam — educate them on how they can avoid being tricked into giving up their passwords and other sensitive information
https://t.co/lssKXwFrj8