David Stewart put together this blog post about security threats to APIs. As mobile apps become increasingly paramount to operating successfully in today’s markets, a big question mark over API security is raised. Gartner has previously predicted that by 2022, “API abuses will be the most-frequent attack vector resulting in data breaches for enterprise web applications.” Since every mobile app out there is powered by APIs, securing them is clearly a top priority.
When it comes to APIs which service mobile apps, the trouble is that anyone – including attackers – can freely install an application on a device he/she controls to reverse engineer and study it for weaknesses.
The article the dives into:
- MITM (man in the middle) attacks
- Data scraping
- Credential stuffing
- App impersonation
- DoS and DDoS attacks
APIs are a critical part of mobile apps and, as such, are increasingly becoming a target for hackers. Great read.[Read More]