Applications and APIs must be actively protected from attacks, abuse, fraud, and data loss. Discover – Know how many APIs exist, where they’re located, and how much risk they carry. Comply – Ensure that APIs adhere to internal governance and external regulatory compliance. Protect – Detect threats and attacks, and appropriately mitigate them to protect the applications that the organization and their customers depend upon.