From the course: The OWASP API 2023 Top 10: An Overview
API10:2023 Unsafe Consumption of APIs
- The 10th and final vulnerability in the 2023 API Security Top 10 is unsafe consumption of APIs. OWASP explains this vulnerability as, "Developers tend to trust data received from third-party APIs more than user input, and so tend to adopt weaker security standards. In order to compromise APIs, attackers go after integrated third-party services instead of trying to compromise the target API directly." Unsafe consumption of APIs occurs when an application interacts with an external or third-party API in an insecure manner, sometimes disregarding its own security best practices and trusting the security of the external API. This misplaced trust can lead to major security risks, such as unauthorized access, data exposure, and even potential compromise of the application's functionality and integrity. If an attacker can identify and potentially compromise the API or service the target is integrated with, they may be able to…
Contents
- API1:2023 Broken Object-Level Authorization (3m 39s)
- API2:2023 Broken Authentication (2m 54s)
- API3:2023 Broken Object-Property-Level Authorization (3m 46s)
- API4:2023 Unrestricted Resource Consumption (3m 9s)
- API5:2023 Broken Function-Level Authorization (3m 8s)
- API6:2023 Unrestricted Access to Sensitive Business Flows (2m 54s)
- API7:2023 Server-Side Request Forgery (2m 11s)
- API8:2023 Security Misconfigurations (3m 40s)
- API9:2023 Improper Inventory Management (3m 5s)
- API10:2023 Unsafe Consumption of APIs (3m 33s)