Security News > 2021 > June > 7 tactics for boosting the security of your APIs
Security experts recommend setting basic security standards for all your data feeds, enlisting help from procurement and doing an API inventory.
Hundreds of third-party apps in Android devices were given access to sensitive data logged by contact-tracing apps built on Google and Apple's API, according to reports from security researchers in April.
Security researchers found that John Deere also had API security vulnerabilities that could have allowed hackers to see a vehicle owner's name, address and the vehicle's VIN. There's no evidence that this information was accessed by a bad actor.
Kent said the industry needs to set overall security standards as well, something similar to the Payment Card Industry Data Security Standard.
Kent said procurement teams should start adding security issues to contract language, such as adding a price tag to a security breach.
Carielli said she is actually somewhat optimistic about the state of API security because security teams are paying attention to the problem and investing in API tooling.