Illusion of Security due to similarities?

Sep 18, 2024
appsentinels

In 2019, OWASP released the first version of the API Security Top 10. Like the omnipresent OWASP Top 10, the API Security Top 10 delivers a prioritized list of the most critical application security issues, with a focus on APIs. In this whitepaper, we share an overview of the API Security Top 10, compare it with the OWASP Top 10 for web applications, and dispel any false sense of security that comes from seeing similarities between the two lists.

APIs – the Foundations of Applications

APIs are a foundational element of innovation in today’s app-driven world. Whether the architecture is monolithic, microservices, serverless or a no-code framework, APIs are everywhere. From banks, retail, and transportation to IoT, autonomous vehicles and smart cities, APIs are a critical part of modern mobile, SaaS, and web applications. APIs can be found in customer-facing, partner-facing and internal applications. As per an Akamai report, in 2019 APIs were contributing 83% of overall internet traffic.

While APIs have made development faster and applications more dynamic, they have presented a new set of security challenges and possibilities for hackers. By nature, APIs carry sensitive information and land directly on the crown jewels of an organization. They are fast becoming the preferred attack vector for application attacks. Gartner predicts that by 2022, APIs will be the most frequent attack vector leading to breaches for web applications.