The first step is to establish a feedback loop between SecOps and DevOps teams. This requires the creation of an API security policy that defines how APIs should be secured in accordance with business requirements. The next step is to automate the enforcement of this API security policy across all applications and their respective APIs – without slowing down development cycles or introducing unnecessary friction into the process. To accomplish this, there are two key components: discovery and monitoring (which includes both static analysis as well as runtime inspection)
https://t.co/ERKa20fSw9