<description>&lt;p&gt;&lt;span class="TextRun SCXW231040577 BCX0" lang="EN-US" xml:lang= "EN-US" data-contrast="auto"&gt;&lt;span class= "NormalTextRun SCXW231040577 BCX0"&gt;Application programing interfaces, more commonly known as APIs, are the engines behind&lt;/span&gt; &lt;span class="NormalTextRun SCXW231040577 BCX0"&gt;the majority of&lt;/span&gt; &lt;span class= "NormalTextRun SCXW231040577 BCX0"&gt;internet traffic&lt;/span&gt;&lt;span class="NormalTextRun SCXW231040577 BCX0"&gt;. The pervasive and public nature of APIs have increased the&lt;/span&gt; &lt;span class="NormalTextRun SCXW231040577 BCX0"&gt;attack surface&lt;/span&gt; &lt;span class="NormalTextRun SCXW231040577 BCX0"&gt;of the systems and applications they are used in&lt;/span&gt;&lt;span class= "NormalTextRun SCXW231040577 BCX0"&gt;. In this  &lt;/span&gt;&lt;span class= "NormalTextRun SCXW231040577 BCX0"&gt;podcast&lt;/span&gt; &lt;span class= "NormalTextRun SCXW231040577 BCX0"&gt;from the Carnegie Mellon University Software Engineering Institute (SEI)&lt;/span&gt;&lt;span class= "NormalTextRun SCXW231040577 BCX0"&gt;, McKinley Sconiers-Hasan, a solutions engineer in the SEI&lt;/span&gt;&lt;span class= "NormalTextRun SCXW231040577 BCX0"&gt;'s&lt;/span&gt; &lt;span class= "NormalTextRun SCXW231040577 BCX0"&gt;CERT Division,&lt;/span&gt; &lt;span class="NormalTextRun SCXW231040577 BCX0"&gt;sits down with Tim Morrow,&lt;/span&gt; &lt;span class= "NormalTextRun SCXW231040577 BCX0"&gt;Situational Awareness Technical Manager,&lt;/span&gt; &lt;span class="NormalTextRun SCXW231040577 BCX0"&gt;also with the CERT Division,&lt;/span&gt; &lt;span class= "NormalTextRun SCXW231040577 BCX0"&gt;to discuss emerging&lt;/span&gt; &lt;span class="NormalTextRun SCXW231040577 BCX0"&gt;API&lt;/span&gt; &lt;span class="NormalTextRun SCXW231040577 BCX0"&gt;security issues and&lt;/span&gt; &lt;span class="NormalTextRun SCXW231040577 BCX0"&gt;the application of zero-trust architecture in&lt;/span&gt; &lt;span class= "NormalTextRun SCXW231040577 BCX0"&gt;securing&lt;/span&gt; &lt;span class= "NormalTextRun SCXW231040577 BCX0"&gt;those&lt;/span&gt; &lt;span class= "NormalTextRun SCXW231040577 BCX0"&gt;systems&lt;/span&gt; &lt;span class= "NormalTextRun SCXW231040577 BCX0"&gt;and applications&lt;/span&gt;&lt;span class= "NormalTextRun SCXW231040577 BCX0"&gt;.&lt;/span&gt; &lt;span class= "NormalTextRun SCXW231040577 BCX0"&gt; &lt;/span&gt;&lt;/span&gt;&lt;span class= "EOP SCXW231040577 BCX0" data-ccp-props="{}"&gt; &lt;/span&gt;&lt;/p&gt;</description>

Software Engineering Institute (SEI) Podcast Series

Members of Technical Staff at the Software Engineering Institute

API Security: An Emerging Concern in Zero Trust Implementations

OCT 8, 202517 MIN
Software Engineering Institute (SEI) Podcast Series

API Security: An Emerging Concern in Zero Trust Implementations

OCT 8, 202517 MIN

Description

Application programing interfaces, more commonly known as APIs, are the engines behind the majority of internet traffic. The pervasive and public nature of APIs have increased the attack surface of the systems and applications they are used in. In this podcast from the Carnegie Mellon University Software Engineering Institute (SEI), McKinley Sconiers-Hasan, a solutions engineer in the SEI's CERT Division, sits down with Tim Morrow, Situational Awareness Technical Manager, also with the CERT Division, to discuss emerging API security issues and the application of zero-trust architecture in securing those systems and applications.