API Security & Compliance: Implicit and explicit requirements for data protection

The emergence of APIs as a major compliance issue is not surprising. Exposed or misconfigured APIs are prevalent, easy to compromise, and often unprotected. And just one breached API can result in millions of records being stolen.

That is why evolving regulations like PCI DSS v4.0, GDPR and DORA clearly focus on securing the applications and infrastructure within which APIs operate. It is implied that your organization must:

  • Account for every API, including elusive shadow APIs
  • Uncover and fix any API vulnerabilities
  • Apply controls tailor-made to prevent API-centric data breaches

This white paper explores the nature of growing API risks, highlights six examples of regulations and frameworks that require API protections (either explicitly or implicitly), and offers advice on how to meet compliance requirements through API security best practices.
