Security News > 2023 > May > Unattended API challenge: How we’re losing track and can we get full visibility
As highlighted by Postman's 2022 State of the API Report, "89% of respondents said organizations' investment of time and resources into APIs will increase or stay the same over the next 12 months," emphasizing the confidence in the growth of API development and deployment.
SBOMs play a vital role in API risk evaluation and monitoring by providing visibility into the API's underlying components, making it easier to identify potential vulnerabilities and manage risks associated with third-party dependencies.
While Web Application Firewalls and API Gateways are widely adopted for API protection, they may be insufficient on their own.
"Relying on just WAFs and API Gateways is insufficient for API security. As seen in the Capital One breach, sophisticated attacks can exploit vulnerabilities. Organizations must adopt immediate observability, continuous monitoring, API governance, and risk assessment to effectively safeguard their digital assets." - Chaim Peer, CEO of BLST Security.
The growing prevalence of API sprawl and the risks associated with unattended APIs have highlighted the need for organizations to adopt robust security measures and governance practices.
To overcome the challenges posed by unsecured endpoints, shadow APIs, and rapid API deployment, organizations must look beyond traditional security measures, such as WAFs and API gateways, and embrace comprehensive, multi-layered security approaches.
News URL
https://www.helpnetsecurity.com/2023/05/09/unattended-api-challenge/