DRJ Fall 2019

Conference & Exhibit

Attend The #1 BC/DR Event!

Summer Journal

Volume 32, Issue 2

Full Contents Now Available!

Thursday, 25 April 2019 14:11

5 Security Challenges to API Protection

Today's application programming interfaces are no longer simple or front-facing, creating new risks for both security and DevOps

All APIs are different inside, even if they're using similar frameworks and architectures, such as REST. Under whatever architectural "roof," the data protocols are always different — even when the structure is the same.

You've likely heard of specific protocol formats, such as REST, JSON, XML, and gRPC. These are actually data formatting and transportation languages that act as APIs' spokes. Inside those formats is a lot of variation. These formatting languages are less "language" and more like airplanes that carry ticketed passengers that move through airports to get where they need to be. The languages passengers speak and their individual cultural details are highly different.

From a security perspective, the protocol itself does nothing. To be effective, security needs to translate the language and intention of each person coming through, not just let the passengers navigate freely.

...

https://www.darkreading.com/5-security-challenges-to-api-protection/a/d-id/1334475