After more than 20 years in the making, now it’s official: APIs are everywhere. In a 2021 survey, 73% of enterprises reported that they already publish more than 50 APIs, and this number is constantly growing.
APIs have crucial roles to play in virtually every industry today, and their importance is increasing steadily, as they move to the forefront of business strategies. This comes as no surprise: APIs seamlessly connect disparate apps and devices, bringing business synergies and efficiencies never witnessed before.
However, APIs have vulnerabilities just like any other component of the software. Adding to that, if they aren’t rigorously tested from a security standpoint, they can also introduce a whole new array of attack surfaces and expose you to unprecedented risks. If you wait until production to discover API vulnerabilities, you can incur substantial delays.
APIs are attractive to attackers, not just businesses
Keep in mind that APIs do more than simply connect your applications; they change the functionality in unpredictable ways. Many of the unique weaknesses that APIs may introduce are well known to hackers, who have developed different methods to attack your APIs…
http://feedproxy.google.com/~r/TheHackersNews/~3/GASj_xiB8DA/wake-up-identify-api-vulnerabilities.html