Security News > 2021 > November > Lack of API visibility undermines basic principle of security

The new visibility challenge, with so much core business depending on interconnecting processes and data via APIs, requires that companies need to know what APIs they expose externally and internally and how they should behave.

Traditional tools, such as WAFs and API Gateways were built for a different purpose and lack the ability to discover APIs and provide a complete inventory of them.

Questions such as what is going on inside the API interaction, what information is being passed, how should the API typically behave, what is the risk involved, and other important details remain fully unanswered.

Incidents targeting the lack of API visibility are becoming the top security issue facing organizations, and they will become the vast majority within the next several years.

New technology can now provide the visibility with behavioral assessment that security and compliance teams must prioritize the policing of APIs as one of the top vectors for managing risk.

If a company already uses APIs to conduct digital business and integrate customers, partners, suppliers and processes or initiatives, API security is now a must-have to protect the business.

News URL

https://www.helpnetsecurity.com/2021/11/19/lack-of-api-visibility/