API Attack Surface
Why APIs are targeted.
What Is an API
An API (Application Programming Interface) lets programs talk to each other over a network.
Web and mobile apps use APIs to send and receive data, often as JSON over HTTP.
What Is an Attack Surface
The attack surface is the sum of all the ways an attacker could try to break in.
For an API, every endpoint, parameter, and header is part of that surface.
All lessons in this course
- API Attack Surface
- Broken Authorization
- Rate Limiting and Abuse
- Securing API Keys