
The IT Pro Podcast: The problem with APIs

With API attacks on the rise, knowing your attack surface is crucial

The IT Pro Podcast logo with the episode number 158 and title 'The problem with APIs'

Application programming interfaces, or APIs, have become an integral part of maintaining an online business, and are often indispensable for cross-functionality and user experience.

However, the increased use of APIs has led to a rise in attacks against them, which can in turn cause breaches of company data or even full account takeovers. Improperly managed APIs are a key attack surface, and firms would do well to treat this seriously as threat actors step up their efforts at exploitation.

In this episode, Rory and Jane are joined by Yaniv Balmas, VP of security research at Salt Security, to discuss the risks that come with using APIs and how to mitigate them.

Highlights

“When you're speaking a different language than the service is expecting to hear, there could be one of many, many, many issues that will follow starting from very simple things like, you know, simple error page or server crash or something like that. And ranging up into, you know, information disclosure, full account takeovers, and stuff like that.”

“As time passes, yeah, more attackers join this API attacking club, and that's why we see this increase. And if you're asking my predictions on the future I don't see that stopping or, you know, start being in lower volumes. Quite the opposite.”

“If it's a third party tool that you're using, then you need to test it to make sure that, you know, it complies with everything and that it stops everything, all the relevant API attacks. And then finally, once you've deployed your solution, that's not enough because this world is constant, it's dynamic. It's constantly changing. There are always new attacks, every day you hear about new techniques and a new attack.”

Read the full transcript here.
