Understanding BOLA, excessive data exposure, and improper assets management exploits
While baseline perimeter security measures are widely used to protect applications, API abuse and other types of attacks are on the rise. In fact, some of the highest-profile security incidents to hit the headlines in recent years have been API-related.
In this paper, we provide concrete examples of how APIs are attacked and what you can do to extend your threat hunting practices to your APIs. Including:
Reviewing the basics of APIs
Exploring why API security is a topic of growing importance
Using some high-profile API security incidents to highlight key API security areas to focus on
Illustrating the types of capabilities needed to perform API threat hunting effectively
