Digital Transformation is Accelerating API Usage
As businesses bend and reshape to the forces of all things digital, a wholesale reinvention is occurring in how we build, deploy and operate technology. Microservices, Agile development, DevOps and cloud everything-as-a-service are critical elements of the digital evolution. However, perhaps underappreciated in application discussions is the use of APIs as the building blocks of new software architectures.
Paolo Malinverno, research Vice President at Gartner, reminds us that “APIs are at the basis of platforms business models on which ecosystems are built.” Combine this new digital business reality with Zion Market Research’s forecast for the global API management market to reach $3.4 billion by 2022, growing at a CAGR of 33.4%. This rapid proliferation of APIs has given rise to API management solutions, which include authentication and access controls to protect data.
However, if APIs are the arch stone of digital innovation, securing them is of paramount importance. In recent years, API security has seen well-publicized incidents such as the IRS “Get Transcript” API attack and platform-wide attacks such as Heartbleed and Shellshock. API vulnerabilities allow an attacker to bypass key controls such as Privileged Access Management (PAM) because the attack operates at the point of program execution. Despite an obsessive focus on prevention technologies at the network, host and application layers, API security implementations still lag significantly in the detection and protection stages of the security lifecycle.