Security News > 2022 > July > Why your API gateway is not enough for API security?

Why your API gateway is not enough for API security?
2022-07-06 04:00

While API gateways play a vital role in API management and API delivery, they provide a variety of core functionality for API security.

It might be tempting to adhere to API gateway alone to meet security objectives.

First, let's understand the handshake between API and API gateway.

API security requires the implementation of strategies and procedures that can help one mitigate the security threats of their API. This includes ways to prevent explicit and implicit management failures, as well as code failures.

Let us not mix API gateways with API security as the former, with its access control feature, is often part of API security.

The cyber-attacks get mileage from a valid API token to attack an application's business logic or data layer can be successful, as they are designed and engineered to target vulnerabilities that allow API usage.


News URL

https://www.helpnetsecurity.com/2022/07/06/why-your-api-gateway-is-not-enough-for-api-security/