2. Don’t assume that API security is the same as web app security
The biggest mistake organizations make with API security is assuming that its just like application or network security, said Michael Isbitski, technical evangelist at Salt Security. It isntAPIs are different than applications and networks in many ways, so they need to be tested differently
https://t.co/7XZHsvmIor