Secure APIs (MEAP V09)

Practical, battle-tested techniques to recognize and prevent attacks on your APIs.

Hackers know how important your APIs are, and they also know how to find the weak spots in your API security. As a result, APIs have become principal vectors of attack against apps and sites. Here’s the good news! There are effective, tested strategies for finding vulnerabilities, plugging security gaps, and building APIs that are secure by design, as well as a powerful new ally–generative AI.

Secure APIs: Design, build, and implement shows you reliable methods you can use to counter cracks, hacks, and attacks on your internal and external APIs. In this innovative new book, you’ll learn:

Addressing the OWASP Top 10 API security vulnerabilities
API security by design
Zero-trust security
Automated API testing strategies
Observability and monitoring for threat detection

Written for developers and architects, Secure APIs: Design, build, and implement shows you how to create and deploy APIs that are resistant to the most common security threats. Author Jose Peralta illustrates each vulnerability with extended code samples and shows you exactly how to mitigate them in your own APIs. You’ll find insights into emerging AI-powered security threats, along with tips and patterns for using LLMs in your own security testing.
about the book
Secure APIs: Design, build, and implement shows you modern approaches to uncovering and stopping threats to your APIs, including the OWASP Top 10 API security vulnerabilities, architectural weaknesses, and common mistakes for authentication and authorization. Throughout the book, you’ll find techniques for testing system security, identifying data leak vectors, and discovering insufficient constraints.