API Security Training - Learn All About API Security

Institute of Information Security IMBIBE INSPIRE SHARE API SECURITY : AN INTRODUCTION TO APIS APIS ( Application Programming Interfaces ) are in use everywhere - they are the components that allow different platforms , systems , and applications to communicate and share data . While opening up access to these resources can unlock a ton of value , it also exposes vulnerabilities that can be exploited . M This infographic explores the security problems that APIs pose , common attack vectors , and recent activity in the API security market . Here , we're going to focus on a very relevant topic ( though sometimes overlooked ) : API Security WHICH ARE THE MOST COMMON API SECURITY ATTACKS ? AUTHENTICATION AND ENCRYPTION - APIs cannot intuit they are connecting to a fake website BUSINESS LOGIC FLAWS- Using the legitimate processing flow of an API in a way that results in a negative consequence for the organization . DENIAL OF SERVICE ( DOS ) - These attacks overwhelm the API with requests , crippling its ability to respond . CROSS - SITE SCRIPTING ( XSS ) - Compromised APIs can Inject malicious code into web pages . SQL PARAMETER ATTACKS- Tainted APIs can try to inject malicious SQL statements into an entry field for execution SERVICE INFORMATION LEAKAGE- When an API leaks data about configuration , resulting in the ability to take control or expose private data . www.iisecurity.in f @ InfoSecInstitute O @ iisecurity.in @iinfosec