Security News > 2020 > January > Security pitfalls to avoid when programming using an API
API abuse is an ongoing problem and is expected to escalate in the coming years, as the number of API implementations continues to grow.
The OWASP API Security Project aims to provide software developers and code auditors with information about the risks brought on by insecure APIs.
"There are issues that look simple, but are critical, like good housekeeping and documenting APIs. There are also complex issues of access control that might require some attention from the design phase," Erez Yalon, director of security research at Checkmarx and co-lead on the OWASP API Security Project, told Help Net Security.
"To put it simply, follow this list closely - OWASP has done the groundwork for development teams and security professionals to improve their knowledge around security risks to look out for when implementing APIs. Understanding the vulnerabilities outlined within will help teams to mitigate against API security risks and to put systems into place moving forward."
This first version of the list is based on publicly available data about API security incidents, contributions from security experts, and discussions with security practitioners.
News URL
http://feedproxy.google.com/~r/HelpNetSecurity/~3/gk66arwAmXU/