What to Consider Before Developing an API Security Strategy

Recent incidents at Salesforce, Facebook, Google+—not to mention the Equifax breach and the Cambridge Analytica scandal that plagued Facebook—point directly to the unsettling reality that API security is often an afterthought for enterprises. Such incidents serve as a major wake-up call for enterprise security teams everywhere. An application program interface (API) is code that allows two software programs to communicate with each other. The API defines the correct way for a developer to write a program that requests services from an operating system or other application. Enterprises first must understand the nature of their API infrastructures. Most are not even aware of how many APIs they have in the first place.