Security News > 2021 > December > How well do you know your APIs? Not well enough, says Cisco
Cisco's Vijoy Pandey has tools and tips to help businesses get visibility into their APIs.
APIs are responsible for taking some of the most valuable data that an organization uses and sending that data, when requested, to another application using the API to decode that data in a way the app can understand and return to its user.
"You might be pulling APIs from the public cloud, SaaS providers, Salesforce or you may have on-prem APIs that you've created in a monolithic environment like a Java app. Or, you might have them running as a microservice or in a serverless manner. It doesn't matter how, but you're using APIs so your application is really sitting on the wide open internet," Pandey said.
Cisco introduced a new open-source software tool called APIClarity to address what Pandey described as "a plethora of problems" surrounding API visibility.
"Many people don't even know what an API is, or how they're being used by developers. They don't know which APIs are undocumented, which are depreciated and still being used and many developers don't take the time to document their own APIs, or update documentation to account for API drift," Pandey said.
First, Pandey has three tips for ensuring that APIs and any other application code pulled from another source is safe.