Mythbusters API Edition
IAM, API gateways, and WAFs are enough
IAM, API gateways, and WAFs are enough
This video series busts common industry myths surrounding API security and cuts through the fluff of security industry trends that may actually be impeding your API security strategy.
In this episode, we tackle some of the pitfalls of shift-left. Some elements of API security should be addressed in code, but many API security controls must be present in runtime that are external to code. Secure build pipeline focuses also have limitations that result from scanner design and compressed release windows.
Securing APIs: The New Application Attack Surface
Download Securing APIs: The New Application Attack Surface Now
State of API Security Report
Solution Brief: WAFs and API Security