Monitor all API calls for suspicious activity and ensure that the source IP address of each request matches the originating user or device.

Basic Web Application Attacks: Attacks with a small number of steps/additional actions after the initial web application compromise.
System Intrusion: Complex attacks that leverage Malware and/or Hacking to achieve their objectives including deploying ransomware.

Disclosure Failure: Incidents where an organization was aware of a vulnerability but failed to disclose it in time to prevent further damage from occurring
https://t.co/IHx0aw6hU8