Protect API keys like you protect passwords.
Discription
3. Monitor for Unauthorized Access and Suspicious Activity
API security is only as strong as the weakest link in the chain, so its important to monitor all access points to ensure that unauthorized users arent gaining illicit access or performing suspicious activities. This includes monitoring both internal and external traffic on APIs, including requests from mobile apps accessing backend systems through an API gateway.
tl;dr: Use a layered approach to monitoring your APIs for suspicious activity
https://t.co/oZaOpBjEvc
References
Back to Main