From securityboulevard.com
Zero-trust architecture is being adopted across all assets within network infrastructure—data, cloud, applications. And now, more frequently, developers are seeing zero-trust as a useful security approach for APIs. That’s because APIs are becoming a more frequent attack target, in part because they tend to be less mature in their identity and access protections while transmitting large amounts of sensitive data and because almost every organization has them.
“Zero-trust can be applied to API security to make sure that API’s are constructed in ways that allow for a robust security model to be applied easily and effectively, so API users only have access to what they need,” said Kevin Dunne, president at Pathlock, in an email interview.