ClipboardIcon

Abstract: Web APIs threaten compliance because they expose back end systems and data to unknown third party applications, and security policies addressing compliance control objectives must evolve. Web API compliance risks include breaches of consumer identity data and theft of other confidential information. In the case of PCI DSS, for example, companies that do not secure their APIs face difficulty passing a compliance scan. Worse, they face major fines and liability in the event of a security breach caused by a deficiently controlled API.

This paper looks at the ways that Web APIs affect the attainment of control objectives, using the examples of HIPAA and PCI DSS 3.0 compliance.

Complete the form to Claim Your Download

*
*


*
*
*



Form Type:

Lead Source Detail:
Don BergalDownload Securing Web APIs to Meet Compliance Control Objectives