2. Don’t assume that API security is the same as web app security

“The biggest mistake organizations make with API security is assuming that it’s just like application or network security, said Michael Isbitski, technical evangelist at Salt Security. “It isn’t—APIs are different than applications and networks in many ways, so they need to be tested differently
https://t.co/7XZHsvmIor