Transport

Securing how the API traffic is transported to and from your API is important for keeping the data away from prying eyes. For example, if your API allows unencrypted traffic, otherwise well-rounded security can be rendered useless when  requests and responses are transmitted in the open. Anyone listening to the network traffic while the calls are being made may intercept them and use the gained information to circumvent your other security measures.

Browse through this section to see the details of each API security risk related to transporting the API traffic.