APIs drive everything in this current economy; from smartphones to smart watches to smart cars, people use smart API-connected devices and tools for their work and play.
Industry verticals such as banking, retail, healthcare, and even government, are dependent on APIs for their mission-critical operations. Earlier, Gartner had predicted that, by 2022, API abuses will move from infrequent to the most-frequent attack vector. The growth in not only the number of APIs but the exponential increase in API usage has made this prediction all the more impactful on businesses around the world.
According to a more recent Gartner CIO and Technical Executive survey, cyber and information security are at the top of the list for planned investments in 2022. This is not surprising as business leaders are feeling the pressure to put budget and resources behind cybersecurity to protect their APIs, data, customers, and the reputation of their companies.
If you look at the OWASP, the Open Web Application Security Project’s Top 10 List for API Security, you will see that there are many areas that your APIs could be vulnerable. By securing the exposed layers of an API using API security solutions and API management best practices, you can mitigate attacks and protect your organization, your customers, your data, and your bottom line.
API security best practice: Shield right, shift left
You may have heard the phrase “Shield Right while Shifting Left?“
“Shield Right” is talking about the emphasis on protecting your APIs at runtime and beyond. Doing this will allow you to provide a defense against unknown attacks using a combination of AI/ML and defined algorithms and policies. Even perfectly coded APIs can be attacked.
“Shift Left” is referring to is shifting your security focus to the beginning of the API Lifecycle process and to integrate it into the design and development of an API which works to help protect it in every other step of the API Lifecycle all the way to the retirement of an API.
A best-in-class API security solution
Software AG webMethods provides an API Security Solution that can integrate with other API Security products to align with the cybersecurity strategy for your organization. The holistic approach to API Management provided by webMethods makes it the ideal API security solution, no matter what other products you might be using.
Software AG’s partnership with Cequence Security is an example of how Software AG is working to address this rapidly expanding issue of API security. As you know, an API gateway is a core and essential component of your API security strategy but it is also critical that your API gateway is able to easily integrate with other API Security products, such as those provided by Cequence Security. Recently, I was able to catch up with Subbu Iyer, Vice President for Product Management at Cequence Security. We talked about API Security features provided by Cequence Security and how easily Software AG webMethods API Gateway can integrate with the API security products provided by Cequence Security and how well it complements their platform.
Watch the full video to learn more about API security and the partnership between Software AG and Cequence Security.