Governance: Develop secure APIs
- Know your APIs
- Standardize the API deployment process
- Mandate API documentation
- API development standards
- OpenAPI Specification (IS A MUST)
Testing: Ensure APIs are free of flaws
- The APIs should be tested in CI/CD
Monitoring: Detecting threats in production
- Runtime protection
- Authentication
- Threat detection
- Fraudulent traffic
- Control validation
- Uncover anomalies