Security News > 2023 > November > The new imperative in API security strategy

The new imperative in API security strategy
2023-11-16 04:00

Of the 239 vulnerabilities, 33% were associated with authentication, authorization and access control - foundational pillars of API security, according to Wallarm.

Open authentication, single-sign on and JSON Web Token, safeguards for API security, were compromised in reputable tech organizations such as Sentry and WordPress.

The foundation of robust API security lies in the core principles of authorization, authentication, access control.

It is crucial to incorporate API leak protection measures into a security strategy program.

Despite not being covered in the OWASP API Security guidelines, the report highlights a multitude of incidents traced back to leaked credentials leading to security breaches.

"Whether caused by malicious actors or internal carelessness, this report is a wake-up call for business leaders and cybersecurity professionals to include protection against threats to APIs and other leaks in their product security programs. Established security frameworks, like OWASP API Security Top-10, are one way to get started but have limitations in addressing today's complex API security needs."


News URL

https://www.helpnetsecurity.com/2023/11/16/api-leaks-threat/