The fact that application programming interfaces (APIs) are publicly available makes them potential security threats to organization’s data.
To address this problem, Cisco has introduced an open-source software tool called APIClarity, which attempts to address the security risks associated with API visibility issues. Vijoy Pandey explains how organizations can ensure that APIs from another source are secure, and Cisco VP for Cloud Systems and Distributed Systems has compiled a few tips to follow.
This includes keeping a regular look at security news from OWASP, treating software with the utmost importance, and ensuring that the software materials list traces each item to a trusted source, and finally the availability, hosting location, and overall reputation of an API in the industry.
In order to implement the recommended practices, Pandey asked users and organizations to look for software solutions that link or combine such practices. He also advised using fewer native services from cloud providers and resorting to managed services instead.
Those interested in native services should ask the right questions at the time of registration, namely future accessibility.