APIs are the connective tissue for all things digital and can be found in nearly everything we do online – logins, payments, transfers, online banking, and even autonomous driving. However, the proliferation of APIs has also dramatically increased organizations’ attack surface.
Organizations need to protect not only the APIs they know they’ve deployed, but also those they may not be aware of. Shadow APIs – that is, APIs that are unmanaged, unknown, and unprotected – have become a prime target as attackers turn their attention to them. In the second half of 2022 alone, approximately 45 billion search attempts were made for shadow APIs!
In this session, hear from Ulta Beauty on how they discovered their known and unknown APIs, Log4J vulnerable servers, and exposed non-production servers – and protected them all.