Protecting APIs from Automated AttacksView PDF
Driven by mobile device ubiquity and the move towards modular applications, organizations are using APIs to enable application business logic, facilitate integration with other system elements, and reduce development time. Unfortunately, APIs are a double-edged sword, introducing an attack vector that is often times left unprotected. According to Gartner, by 2021, 90% of web-enabled applications will have more surface area for attack in the form of exposed APIs rather than the UI, up from 40% in 20191. There are multiple drivers behind the use of APIs as an attack vector.