Mythbusters API Edition

IAM, API gateways, and WAFs are enough

This video series busts common industry myths surrounding API security and cuts through the fluff of security industry trends that may actually be impeding your API security strategy.

In this episode, we tackle some of the pitfalls of shift-left. Some elements of API security should be addressed in code, but many API security controls must be present in runtime that are external to code. Secure build pipeline focuses also have limitations that result from scanner design and compressed release windows.

Related resources

Securing APIs: The New Application Attack Surface Download now

State of API Security Report Download now

Solution Brief: WAFs and API Security Download now