Protecting modern applications against API vulnerabilities is challenging. New application types are increasingly complex, often built in the cloud from dozens of microservices and connecting to users via the web and to mobile devices. Each level of complexity is a new threat vector.
The OWASP API Top 10 enumerates the unique vulnerabilities and exposure that APIs create in modern applications. This research helps guide engineering, security, and IT teams in prioritizing risks and mitigating business disruptions from API abuse and attack.