Many organizations dont have security practitioners as part of their developer cycle, and developers are not being trained on how to secure APIs.
In the past few years, we have seen many high-profile API breaches in companies like Panera Bread, Fiserv Inc., LifeLock Inc., Kay Jewelers and others. What is your take on this? How can enterprises ensure that they do not become a victim of such attacks?
API security has often been a blind spot for enterprises. In fact, its very common to see unauthenticated APIs. In most cases, these mostly occur due to overlooked authentication and authorization protection for the APIs in the development process
https://t.co/Y7kdNRSBtE