Application programming interfaces, better known as APIs, link unrelated platforms so data can flow freely between them. And in order for providers to share patient health data across different systems, APIs must be produced at rapid speed and maintained with diligence to foster interoperability. However, this innovation comes with a catch. The more APIs an organization uses, the greater opportunity for risk they face in both performance and security.
The Open Web Application Security Project (OWASP) has published the latest edition of its API Security Top Ten, which was first published in 2019. The Top Ten is a significant daughter list of the OWASP Top Ten, which is one of the most definitive lists of the most severe web application risks. Why is this important? What are its main findings? And what does this mean for application security?
Welcome to the 12th post in our weekly series on the new 2023 OWASP API Security Top-10 list, with a particular focus on security practitioners. In this series we are taking an in-depth look at each category – the details, the impact and what you can do about it. To see previous posts you might have missed, click here. This post will put a spotlight on Injection, which used to be its own category (OWASP API8:2019) but has now been subsumed into OWASP API10:2023 (Unsafe Consumption of APIs).
Over the last few years, APIs have rapidly become a core strategic element for businesses that want to scale and succeed within their industries. In fact, according to recent research, 97% of enterprise leaders believe that successfully executing an API strategy is essential to ensuring their organization’s growth and revenue.
The financial services industry has embraced the wave of digital transformation, allowing their customers to make informed decisions and instant transactions with the click of a button. One of the unsung heroes providing that level of customization and access are a collection of microservices and application programming interfaces (APIs).
2023 Summer is definitely over, but the good news is that it kept our team very busy. We have lots of new features and improvements to share with you today.