API Abuse Is a Data Security Issue Here to Stay


Just about every app uses an application programming interface (API). From a security standpoint, though, APIs also come with some common problems. Gartner predicted that API abuse will be the most common type of attack seen in 2022. So, what problems exactly do APIs face? And what can data security defenders do about it? 


Prevalent API Risks


In 2019, OWASP named 10 web app data security risks to watch out for. These include: 


Data exposure: This type of threat arises when developers expose all the properties of their objects without considering how private those items might be. Therefore, it’s up to clients to perform data filtering before displaying anything to a user.
Security misconfigurations: These data security weaknesses take on various forms, including misconfigured HTTP headers, error messages containing sensitive info and exposed cloud storage. Oftentimes, they’re a product of insecure default configurations.
Injection: In this case, a command or query sends untrusted data to an interpreter. Attackers can use those types of flaws to fool an interpreter into running malicious code or commands involving sensitive data.
Insufficient logging and monitoring: Both of these data security risks can provide attackers with chances to hide within their network unnoticed. From there, threat actors can scope out the network, move to business-critical assets and exfiltrate data.

The Effects of Data Security Risks on Business


Issues involving APIs didn’t hold businesses back just in terms of their plans to roll out new apps. They also cost time and resources if an attack does happen.


This happened for a lot in 2020. As noted by ..

Support the originator by clicking the read the rest link below.