Akana Report (reg reqd) – “The front lines of information security risk management evolve in parallel with the dominant technologies in common use.  The emergence of the Web brought Web-based threats and resulting countermeasures.   The rise of SQL databases brought SQL injection and its mitigations.  Now, we have the increasing usage and business importance of Application Programming Interfaces (APIs), which are vital the development of mobile applications and the digital enterprise in general.  APIs, like all technologies, have security vulnerabilities. In fact, the very openness that makes them so useful in expanding the enterprise into the digital realm can itself be an avenue of risk exposure. API security risks are also potentially worse, in business impact terms, than earlier generations of information security risk.  APIs are often a key part of fast-track application development, enabling processes such as DevOps and connecting multiple corporate entities in rapid implementation cycles.  While great for business, these capabilities can also expose more than one business to risks that might have previously been limited to a single corporation.  Liability and compliance risks also grow with the increases in pace and connectivity.”