Intelligent CISO Issue 67 | Page 34

Threat detection and mitigation should be used to block API threats in real time.
PREDICTIVE INTELLIGENCE

provide an attacker with a wealth of information, so keep these short and avoid insertions such as ‘incorrect password’ which could then prompt a credential stuffing attack.
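To make the point concrete, here is an added example (not code from the article or any product it mentions) of a login handler written two ways: a verbose version whose error text distinguishes an unknown account from a wrong password, and a hardened version that returns one short, uniform message and does the same amount of work on every path. The user store, password and helper names are constructed for the example.

```python
import hashlib
import hmac
import os
from typing import Callable, Tuple

# Constructed sample user store: {username: (salt, pbkdf2_hash)}. Not real data.
def _hash_password(password: str, salt: bytes) -> bytes:
    return hashlib.pbkdf2_hmac("sha256", password.encode(), salt, 100_000)

_SALT = os.urandom(16)
USERS = {"alice": (_SALT, _hash_password("correct horse battery staple", _SALT))}

# Dummy credential so an unknown user still costs one full hash computation;
# response time then does not reveal whether the account exists.
_DUMMY_SALT = os.urandom(16)
_DUMMY_HASH = _hash_password("placeholder-not-a-real-password", _DUMMY_SALT)

GENERIC_ERROR = "Authentication failed."


def login_verbose(username: str, password: str) -> Tuple[bool, str]:
    """Weak version: the message tells the caller which half was wrong."""
    record = USERS.get(username)
    if record is None:
        return False, "Unknown user."
    salt, stored = record
    if not hmac.compare_digest(_hash_password(password, salt), stored):
        return False, "Incorrect password."
    return True, "OK"


def login_hardened(username: str, password: str) -> Tuple[bool, str]:
    """Hardened version: one short, uniform message for every failure."""
    known = username in USERS
    salt, stored = USERS[username] if known else (_DUMMY_SALT, _DUMMY_HASH)
    # compare_digest always runs; 'and known' stops the dummy hash from ever
    # counting as a successful login.
    ok = hmac.compare_digest(_hash_password(password, salt), stored) and known
    return (True, "OK") if ok else (False, GENERIC_ERROR)


def leaks_account_existence(login: Callable[[str, str], Tuple[bool, str]]) -> bool:
    """True if the handler's failure text differs between 'no such user'
    and 'wrong password', i.e. it can be used to enumerate accounts."""
    _, unknown_msg = login("nobody", "x")
    _, wrong_pw_msg = login("alice", "x")
    return unknown_msg != wrong_pw_msg
```

Running `leaks_account_existence` against each handler is a cheap check to add to an API's test suite: it fails the moment someone reintroduces a helpful-but-revealing message.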

Another safeguard is to set sensible rate limits on the request traffic to the API. A limiter will look at various metrics including request frequency as well as setting CPU and memory thresholds within the API. Of course, there are times when an API will see a surge in traffic and on these occasions caching, sideloading and load balancing can be used to regulate access to the API.
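As an added illustration (not code from the article or any product it names), the limiter below combines the two kinds of metric the paragraph mentions: a per-client sliding window on request frequency, and a host-level CPU/memory threshold that sheds load regardless of who is calling. The clock and the resource figures are passed in by the caller, so the logic is testable without a live host; the class, function and threshold values are assumptions for the example.

```python
import time
from collections import defaultdict, deque
from typing import Deque, Dict, Optional


class SlidingWindowLimiter:
    """Allow at most `max_requests` per client in any `window_seconds`
    interval. `now` can be injected so behaviour is deterministic in tests."""

    def __init__(self, max_requests: int, window_seconds: float) -> None:
        self.max_requests = max_requests
        self.window = window_seconds
        self._hits: Dict[str, Deque[float]] = defaultdict(deque)

    def allow(self, client_id: str, now: Optional[float] = None) -> bool:
        now = time.monotonic() if now is None else now
        hits = self._hits[client_id]
        # Drop timestamps that have fallen out of the window.
        while hits and now - hits[0] >= self.window:
            hits.popleft()
        if len(hits) >= self.max_requests:
            return False
        hits.append(now)
        return True


def over_resource_threshold(cpu_pct: float, mem_pct: float,
                            cpu_limit: float = 85.0, mem_limit: float = 90.0) -> bool:
    """Host guard: when the API process itself is saturated, shed load even
    for clients that are within quota. Limits here are example values."""
    return cpu_pct >= cpu_limit or mem_pct >= mem_limit


def gate_request(limiter: SlidingWindowLimiter, client_id: str,
                 cpu_pct: float, mem_pct: float,
                 now: Optional[float] = None) -> str:
    """Returns 'shed' (host over threshold), 'throttle' (client over quota)
    or 'allow'; a web layer would map these to 503, 429 and normal handling."""
    if over_resource_threshold(cpu_pct, mem_pct):
        return "shed"
    if not limiter.allow(client_id, now):
        return "throttle"
    return "allow"
```

Checking the host threshold before the per-client window matters: during a genuine surge the right response is to protect the service first, then sort out which clients are over quota.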
Any API is a target
The problem with API security is that any attack will usually see an abuse of either poor coding, poor security mechanisms or the API’s functionality itself, so it’s perfectly possible for a securely written API to be compromised. For this reason, threat detection and mitigation should be used to block API threats in real time. However, it’s also vital that any attack is verified in order to prevent very high false positive rates and the throttling of traffic to the API, which means the threat mitigation tool must be customisable in addition to offering the ability to block, log, deceive, or rate limit an attack.
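The verification step above is easy to get wrong in practice: a single rule firing is not the same as a confirmed attack. The added example below (not the article's code, nor that of any product it describes) shows one way to structure a customisable mitigation policy: signals from independent detectors are combined, a disruptive action is only taken when the combined confidence is high and more than one source agrees, and the operator chooses which of block, log, deceive or rate-limit each verdict maps to. Signal sources, thresholds and the noisy-OR combination are assumptions for the example.

```python
from dataclasses import dataclass, field
from typing import Dict, Iterable, List


@dataclass
class Signal:
    source: str        # detector that raised it, e.g. "waf_rule", "threat_intel"
    confidence: float  # detector's own estimate, 0.0 - 1.0


@dataclass
class Policy:
    # Disruptive actions need high combined confidence AND corroboration
    # from at least `min_sources` independent detectors; anything weaker
    # is logged or rate-limited rather than blocked.
    block_threshold: float = 0.9
    likely_threshold: float = 0.6
    min_sources: int = 2
    # Operator-customisable verdict -> action mapping.
    actions: Dict[str, str] = field(default_factory=lambda: {
        "benign": "allow",
        "suspected": "log",
        "likely": "rate_limit",
        "confirmed": "block",
    })


def aggregate_confidence(signals: Iterable[Signal]) -> float:
    """Noisy-OR: probability that at least one detector is right,
    assuming their errors are independent."""
    p_all_wrong = 1.0
    for s in signals:
        p_all_wrong *= 1.0 - s.confidence
    return 1.0 - p_all_wrong


def classify(signals: List[Signal], policy: Policy) -> str:
    if not signals:
        return "benign"
    conf = aggregate_confidence(signals)
    sources = {s.source for s in signals}
    if conf >= policy.block_threshold and len(sources) >= policy.min_sources:
        return "confirmed"
    if conf >= policy.likely_threshold:
        return "likely"
    return "suspected"


def decide(signals: List[Signal], policy: Policy) -> str:
    """Map a request's signals to the action the operator configured."""
    return policy.actions.get(classify(signals, policy), "log")
```

The important property is that a lone high-confidence detector never reaches "confirmed": it gets rate-limited, which contains damage while keeping the cost of a false positive low. Swapping the `actions` table (for instance mapping "confirmed" to "deceive") changes the response without touching the verification logic.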
Qualifying an attack is much easier if that tool utilises a threat intelligence database. This can utilise Machine Learning and AI to pull in data from a broader dataset than just the application in order to make intelligent decisions on malicious traffic, and it works by comparing normal operations with attack tactics, techniques and procedures (TTPs) to spot the most subtle of threats. Such threat intelligence is invaluable, particularly given that we are now seeing attackers combine TTPs from the OWASP API Top 10 with feints that mask their real target.
Both internal and external (i.e. public-facing) APIs should be subject to these security controls, but it’s also important to look at APIs as part of the wider network. Integration with gateways, proxies, load
34 www.intelligentciso.com