API security is hard and it’s not getting any easier.

How do we make API security better? Here are some suggestions:

1) Understand the OWASP Top 10 for APIs – The Open Web Application Security Project (OWASP) maintains a list of the top 10 risks to consider when building or using an API. You can find this here. The list includes things like broken authentication, broken access control, and poor transport layer protection. If you don’t know what these mean, then you need to learn more about them before you start designing your next API.

