Top 5 threats to apis servicing mobile apps

Click for: original source

David Stewart put together this blog post about security threats to APIs. As mobile apps become increasingly paramount to operating successfully in today’s markets, a big question mark over API security is raised. Gartner has previously predicted that by 2022, “API abuses will be the most-frequent attack vector resulting in data breaches for enterprise web applications.” Since every mobile app out there is powered by APIs, securing them is clearly a top priority.

When it comes to APIs which service mobile apps, the trouble is that anyone – including attackers – can freely install an application on a device he/she controls to reverse engineer and study it for weaknesses.

The article the dives into:

  • MITM (man in the middle) attacks
  • Data scraping
  • Credential stuffing
  • App impersonation
  • DoS and DDoS attacks

APIs are a critical part of mobile apps and, as such, are increasingly becoming a target for hackers. Great read.

[Read More]

Tags apis infosec web-development code-refactoring json restful