The primary inspiration for this article was my feeling that unfortunately, IT and Cyber too often work in silos — with security constraints often poorly addressed or insufficiently shared. It was also inspired by meetings with people working in Cyber, who may recognize each other.
Indeed, on the IT side, API security is often perceived as a subject that is covered as long as authentication and rights are properly managed and an API Gateway is used. Of course, this is necessary. But thinking about API security, in terms of what it involves, means thinking about a large part of the security of your IT.
This article has been indexed from DZone Security Zone