Follow us
Click here to setup your social networks

API Security is critical for Cybersecurity with Chuck Herrin

In this conversation, Jon Scheele and F5's Field CISO Chuck Herrin discuss the critical importance of API security in today's digital landscape, where API traffic constitutes a significant portion of overall internet traffic. They explore the unique vulnerabilities associated with APIs, the relevance of OWASP's Top 10 for API security, and the evolving threat landscape that organizations face. The discussion emphasizes the need for visibility and discovery of APIs, the risks posed by third-party APIs, and the emerging vulnerabilities related to AI. Herrin highlights the necessity of understanding the architecture and attack surfaces to effectively manage security risks.

Join the Opstober Challenge!

Take your DevOps and SecOps skills to the next level this October with the Opstober Challenge!

Join developers and engineers from Singapore, Indonesia, and across Southeast Asia in a month-long journey to master the latest in DevOps and SecOps best practices: automation, security, observability and more.

Sign up / Login Now

See more about AI Security and Cybersecurity

Understanding the OWASP Top 10 API Security Risks

OWASP created the Top 10 for API Security Risks separate from the Top 10 for Web Application Security Risks because API security presents unique challenges that differ significantly from traditional web application security. As APIs have become a critical component of modern applications and cloud services, they have exposed new attack surfaces and security risks that needed to be addressed distinctly.

www.blueconnector.co/blog/our-blog-1/understanding-the-owasp-10-for-api-security-15 

OWASP Top 10 API Security Risks for Real

Here are real examples of API security breaches, how they map to the OWASP API Security Top 10 (2023), and practical mitigation strategies to prevent or minimise their impact.

https://www.blueconnector.co/blog/our-blog-1/owasp-top-10-api-security-risks-for-real-16

What is API Security?

A foundational element of innovation in today’s app-driven world is the API. From banks, retail and transportation to IoT, autonomous vehicles and smart cities, APIs are a critical part of modern mobile, SaaS and web applications and can be found in customer-facing, partner-facing and internal applications. By nature, APIs expose application logic and sensitive data such as Personally Identifiable Information (PII) and because of this have increasingly become a target for attackers. Without secure APIs, rapid innovation would be impossible.


API Security focuses on strategies and solutions to understand and mitigate the unique vulnerabilities and security risks of Application Programming Interfaces (APIs).

 https://owasp.org/www-project-api-security/

powered by blue connector

API Strategy and Tech Advisory, Training and Events

We connect your organisation, your customers, partners and suppliers with the information and knowledge you need to make your tech work for you

 Learn more