Breaking Down 3 API Security Breaches
Too Long; Didn't Read
The following three API security breaches provide helpful lessons for improving security today. I've selected the three examples because they demonstrate the traditional and continued need for technical, managerial, and leadership oversight. Panera Bread's unauthenticated API allowed anyone to query certain info about anyone. The vulnerability appears to have been ignored by Panera's CIO for more than 8 months. In November 2018, USPS had fixed a vulnerability in their Informed Visibility API. The data exposed included phone numbers, addresses, and usernames.