In 2019 OWASP led the industry with a clear definition of the Top 10 vulnerabilities that APIs faced. It became the lightning rod for development and security leaders to measure their APIs.
What is the OWASP Top 10 for APIs?
Let's start with the list:
- API1:2019 Broken Object Level Authorization
- API2:2019 Broken User Authentication
- API3:2019 Excessive Data Exposure
- API4:2019 Lack of Resources & Rate Limiting
- API5:2019 Broken Function Level Authorization
- API6:2019 Mass Assignment
- API7:2019 Security Misconfiguration
- API8:2019 Injection
- API9:2019 Improper Assets Management
- API10:2019 Insufficient Logging & Monitoring
The first 8 on the OWASP API Top 10 are developer-centric: they highlight the key design elements that must be factored into the design of the API. The major challenge is that implementing the OWASP Top 10 requires a strong security understanding, to the level of knowing what a hacker would do.
This is where APIsec comes in: we bring the mind of a hacker to API development and create APIs that are secure by default.
APIsec is an innovator in the field of API security, starting with development, staging and production. It's our experience working with applications that resulted in the genesis of our product.