Securing APIs in the modern threat landscape: Best practices and challenges
Department of Computer Science Engineering, Kent State University, Kent, Ohio, USA.
Review Article
World Journal of Advanced Research and Reviews, 2022, 13(03), 654-657
Publication history:
Received on 11 February 2022; revised on 25 March 2022; accepted on 30 March 2022
Abstract:
As application ecosystems evolve toward microservices, serverless architectures, and cloud-native models, Application Programming Interfaces (APIs) have become essential conduits for data and functionality exchange. However, their ubiquity and accessibility also make them prime targets for cyberattacks. This paper explores the evolving threat landscape for APIs, outlines the security challenges associated with API-first development, and recommends best practices for securing APIs across their lifecycle. It also includes a case study on high-profile API breaches from 2021–2022 and offers practical implementation strategies aligned with NIST and OWASP frameworks.
Keywords:
API Security; API Gateway; Microservices; Cloud-Native Security; Shadow APIs; Threat Modeling;
Full text article in PDF:
Copyright information:
Copyright © 2022 Author(s) retain the copyright of this article. This article is published under the terms of the Creative Commons Attribution Liscense 4.0