‍

In this conversation, Matt Johansen and Brian Joe discuss API security and its evolution from traditional application security.

First and foremost, they define what we mean by “API Security.” This involves a quick history lesson on the rise of microservices and decentralized applications. 

They also highlight the challenges and vulnerabilities associated with API security, such as broken authentication and authorization.

We even get into how AI has impacted security testing and the need for innovation in response and enforcement!

Overall, the discussion provides insights into the current state and future of API security. Join us to explore the evolution of web application firewalls (WAFs) and what they can and can not do in the ever-growing world of APIs.

‍Matt’s favorite takeaway: Traditional WAFs inspected a single request and decided if it was good or bad. Next-gen WAFs added the dimension of looking at attack traffic over time instead of that single request. Impart, and modern API Security solutions are going beyond that 2nd dimension and bringing in a lot more context to make security decisions on API traffic.