API schema definitions may not be available
to you as a result of siloed development and
security efforts. Or third parties may not
make them available to you. Your
organization’s API catalog is much more than
the APIs mediated by API management and
API gateways since APIs may be built,
acquired, or integrated outside of formal
process. An accurate API inventory is critical
to many aspects of IT within the
organization. Compliance, risk, and privacy
teams will require API inventory, particularly
as they must answer to regulatory bodies.
Security teams also need API inventory so
that they can have a realistic view of their
attack surface and risk posture to help
prioritize the wide range of API security
activities that must be accounted for.
Best practices for API discovery and cataloging include:
1.
Dostları ilə paylaş: