Secure APIs: Design, build, and implement shows you modern approaches to uncovering and stopping threats to your APIs, including the OWASP Top 10 API security vulnerabilities, architectural weaknesses, and common mistakes for authentication and authorization. Throughout the book, you’ll find techniques for testing system security, identifying data leak vectors, and discovering insufficient constraints.
You’ll explore dozens of practical examples based on real-world APIs that range from e-commerce to ride-sharing. Learn how to ensure that your organization is aligned with the need for API security, and shift left to bake the essential principles of secure API design in at the earliest stages of development. Plus, patterns and advice for observability ensure you can spot intrusions early and know what to do in the event of an attack.