 |
VOOZH | about |
|
VOOZH | about |
We’re so glad you’re here. You can expect all the best TNS content to arrive Monday through Friday to keep you on top of the news and at the top of your game.
Check your inbox for a confirmation email where you can adjust your preferences and even join additional groups.
Follow TNS on your favorite social media networks.
Become a TNS follower on LinkedIn.
Check out the latest featured and trending stories while you wait for your first TNS newsletter.
Feature image via Pixabay.
Shadow APIs are a problem that not everyone takes seriously. Only 11% of people surveyed for Salt Security’s State of API Security Q3 2021 are greatly concerned about the security risks of shadow or unknown APIs. In contrast, 42% are greatly worried about zombie APIs, which were assumed to be turned off but can be targeted for an account takeover.
The first step towards addressing shadow APIs is documenting the ones your organization has. Compared to when the study was first conducted six months ago, the percentage of respondents that are at least somewhat confident their API inventory is complete increased from 53% to 62%.
Salt Security’s customer data indicates that respondents significantly underestimate the number of existing shadow APIs. Everyone also knows that misconfigured APIs are a big and growing problem for cloud security. Every unaccounted API adds to that problem, but so do APIs that are documented incorrectly.
Perhaps the easiest thing to do going forward is to remind everyone that zombie APIs are really just a category of shadow APIs. The harder part will be to get adults to admit they are afraid of their shadows.
