API security maturity is improving, but we still see API vulnerabilities reported every month.

The most common cause of these vulnerabilities is broken authentication (#2 on the OWASP Top 10 list), followed by poor enforcement of payload schemas and failure to restrict access (both tied for #3). The good news is that CISOs and software developers are doing a better job with API security than they were in 2019. However, there’s always room for improvement – especially when it comes to implementing best practices around authentication and authorization. I’ll discuss this more in my next blog post.

