Site icon API Security Blog

The API was not secure because the application code implementing it wasn’t secure.

The incident highlights a number of key issues that organizations need to address when developing and deploying APIs:

API security is critical, even if you think you don’t have any “real users” – The app developers in this case failed to take into account that there would be external parties who could potentially access their private API, which meant they did not properly protect the data being transmitted through it. This led to an attack on the API itself and resulted in sensitive user information being exposed. In fact, as we mentioned above, Gartner predicts that by 2022 APIs will become the top attack vector for cybercriminals
https://t.co/6xQRkE3dpo

Exit mobile version