Security News > 2023 > August > How to handle API sprawl and the security threat it poses
API security isn't solely the responsibility of IT security professionals.
Your API gateways, WAFs, and other security technologies and infrastructure should work with the API contract to provide seamless CI/CD integration and automation across the software and API lifecycle.
Automating API deployment and security helps prevent shadow APIs from slipping into deployment, so you can address vulnerabilities before APIs go into production.
Fixing API deployment practices requires engineering teams, infrastructure operators, and security teams to come together and establish API governance policies for the entire API lifecycle, as well as the processes through which they will be applied.
API sprawl typically arises when developers, infrastructure operators, and IT security teams lack alignment and clarity around shared responsibilities for API management and security.
The fight against API sprawl and its associated security risks will be an ongoing battle in today's technology landscape.
News URL
https://www.helpnetsecurity.com/2023/08/11/api-sprawl-security-risks/
Related news
- Obsidian Security Warns of Rising SaaS Threats to Enterprises (source)
- The dark side of API security (source)
- Eliminating AI Deepfake Threats: Is Your Identity Security AI-Proof? (source)
- Product showcase: Shift API security left with StackHawk (source)
- AWS security essentials for managing compliance, data protection, and threat detection (source)
- Privileged Accounts, Hidden Threats: Why Privileged Access Security Must Be a Top Priority (source)