*(ISC)² Members/Associates can access this course for free by logging into your Member Portal for more information.

This article explores the causes and consequences of data breaches that stem from vulnerabilities in Application Programming Interfaces.

Course Summary

More organizations are adopting APIs and connecting to other systems. These include healthcare, financial services, and other industries that handle sensitive personal information. APIs have consequently become a common target for attackers, as they provide an easy entry point into an organization's systems. Additionally, many organizations are not properly securing their APIs, which leaves them open to exploitation.  This article explores the circumstances behind several widely publicized API breaches and the most common threats and vulnerabilities that can expose APIs to attack. It also explores steps organizations can take to protect APIs.

Key Takeaways:

• • Identifying API risk factors and protecting against them
• • Awareness of rogue APIs (also known as shadow APIs) that have been created and deployed without proper oversight
• • Guidelines for responding to security breaches involving APIs

CPE Reporting

CPE credits earned for this course may be eligible for continuing professional education credits for non-(ISC)² certifications. Please visit the continuing education requirements established by the credentialing organization for eligibility.

Members: Starting January 1st, 2022, CPE Credits for (ISC)² credentials will be reported by Member Services on the 1st of every month. Please allow 10 business days for processing. Courses completed prior to 1/1/2022 will need to be self-reported by members and associates through the (ISC)² CPE Portal accessible via www.isc2.org using your member login credentials.

For specific questions related to your CPE credits or the CPE portal please contact member support - membersupport@isc2.org