Protecting Server APIs: Safeguarding the “crown jewels” housed on back-end servers
APIs are transforming the way we develop applications and do business. Given the strategic value of APIs, adoption is growing at an unprecedented rate. This company embarked on a vision to revolutionize the way we communicate — chatting, sharing photos and videos, and it even integrated a popular payment API for peer-to-peer money exchange. They realized APIs introduced new risks / attack vectors, particularly the risks associated with client apps accessing server APIs using simple authentication based on challenge-response exchange.