VentureBeat: Why API Security is a Fast-growing Threat to Data-driven Enterprises
On November 23, NetSPI Managing Director, Nabil Hannan, was featured in the VentureBeat article called Why API Security is a Fast-growing Threat to Data-driven Enterprises. Read the preview below or view it online.
+++
As data-driven enterprises rely heavily on their software application architecture, application programming interfaces (APIs) occupy a significant position. APIs have revolutionized the way web applications are used, as they aid communication pipelines between multiple services. Developers can integrate any modern technology with their architecture by using APIs, which is highly useful for adding features that a customer needs.
By nature, APIs are vulnerable to exposing application logic and sensitive data such as personally identifiable information (PII), which makes them an easy target for attackers. Often available over public networks (accessible from anywhere), APIs are typically well-documented and can be quickly reverse-engineered by malicious actors. They are also susceptible to denial of service (DDoS) incidents.
The most significant data leaks are due to faulty, vulnerable or hacked APIs, which can reveal medical, financial and personal data to the general public. In addition, various attacks can occur if an API is not secured correctly, making API security a vital aspect for data-driven businesses today.
The Future of API Security
“We’re most likely going to see a different software paradigm shift in the next five years that combines features from REST and SOAP security. I believe there will be a software development paradigm where features from each method are used to create a combined superior method,” Nabil Hannan, managing director at NetSPI, told VentureBeat. “This combination will take security out of the hands of the developers and allow for better ‘secure by design’ adoption.”
Hannan said that the concept of identity and authentication is changing, and we need to move away from usernames and passwords and two-factor authentication, which relies on humans not making any errors.
“The authentication workflow will shift to what companies like Apple are doing around identity management with innovations like the iOS16 keychain. This will be developed through APIs in the near future,” he said.
You can read the full article at VentureBeat!
Explore More News
TechCircle: NetSPI’s CPTO on Why Proactive Security is Fast Becoming the Enterprise Default
TechCircle explores how NetSPI enables proactive security for enterprise companies in a one-on-one interview with its Interim Chief Product and Technology Officer, Sridhar Jayanthi.
TechRound: Expert Predictions for Cybersecurity in 2026
Nick Walker, Regional Director for EMEA at NetSPI, contributed to TechRound’s expert roundup on what to expect in cybersecurity in 2026, arguing that identity will replace networks as the primary battleground.
Emerging Risks: The Big Question: Maturity vs hype. Are companies buying the right cybersecurity for where they really are?
Hear from Nick Walker, Regional Director for EMEA at NetSPI, in Emerging Risks on why many organisations are investing in advanced cybersecurity before they are ready – and how misaligned ambition is creating new risk.