Security News > 2023 > August > How to handle API sprawl and the security threat it poses
API security isn't solely the responsibility of IT security professionals.
Your API gateways, WAFs, and other security technologies and infrastructure should work with the API contract to provide seamless CI/CD integration and automation across the software and API lifecycle.
Automating API deployment and security helps prevent shadow APIs from slipping into deployment, so you can address vulnerabilities before APIs go into production.
Fixing API deployment practices requires engineering teams, infrastructure operators, and security teams to come together and establish API governance policies for the entire API lifecycle, as well as the processes through which they will be applied.
API sprawl typically arises when developers, infrastructure operators, and IT security teams lack alignment and clarity around shared responsibilities for API management and security.
The fight against API sprawl and its associated security risks will be an ongoing battle in today's technology landscape.
News URL
https://www.helpnetsecurity.com/2023/08/11/api-sprawl-security-risks/
Related news
- Cross-Domain Attacks: A Growing Threat to Modern Security and How to Combat Them (source)
- Severe Security Flaws Patched in Microsoft Dynamics 365 and Power Apps Web API (source)
- Addressing the intersection of cyber and physical security threats (source)
- The API security crisis and why businesses are at risk (source)
- Inconsistent security strategies fuel third-party threats (source)