Application programming interfaces (APIs) are the modern currency of today’s advanced enterprise IT systems. They drive countless innovations and streamline services across banking, healthcare and many other sectors. However, this explosion in API use comes with side effects in the form of security gaps — many of which remain hidden as APIs work largely out of view in most application environments.
Look no further than the recent case at T-Mobile, where hackers exploited a single API to steal the data of 37 million customers. This followed an incident at Twitter where an unsecured API exposed the data of over 5 million customers. Let’s examine the root causes of this API security challenge, and how the right approach to security scanning can clarify and mitigate these risks in both development and production environments.