With the explosive growth in API use in every sector, business unit leaders at enterprises that are undergoing digital transformations are calling upon their chief security officers and chief information security officers to ensure the security of APIs.
Security must be built into the APIs themselves. But that’s not enough. Threat protection, identity services, infrastructure security, and compliance also must be top of mind. This eBook provides a framework to help CSOs and CISOs consider API security.
In the wake of Eran Hammer's resignation from the OAuth 2.0 working group, @gbrail and @edanuff discussed the usability of OAuth 2.0 for your APIs: which areas of the spec are problematic, how to avoid them, and why rolling back to OAuth 1.0 or "rolling your own" is not a great idea.