Published: 6 Oct 2014
It is a mistake to think we can secure APIs using the same methods and technologies with which we secured the conventional, browser-centric Web. While it is true that APIs share many of the same threats that plague the Web, APIs are fundamentally different from Web sites and have an entirely unique risk profile that must be addressed.
Fortunately, solutions are available to counter both of these vectors simultaneously. By adopting a secure API architecture from the beginning, an organization can pursue an API publishing strategy safely and securely – and reap the benefits offered by the type agile integration that APIs make possible.