API Security Encyclopedia

Web APIs have emerged as one of the leading vectors of security attacks. The entry point to the network architecture is now the plethora of APIs that call the backend server to provide the functions of the application. This puts the quality and security of your APIs in the spotlight.

The starting point for API security is the API definition itself. If the API definition has gaping security holes, applying security measures on top of it just creates a ticking time bomb. The first step is to make sure your API conforms to security best practices.

API Security Encyclopedia collects information on the risks, guidelines, and recommendations relating to API security. It provides descriptions and remediations for all the issues that API Security Audit might find in your API definitions.

Both OpenAPI Specification (OAS) v2 and v3 are supported. You can find the articles applicable to each version in their dedicated sections.