Whether you are checking the weather on your phone or booking a ticket, watching your stock ticker, or speaking with a chatbot, chances are you’re interacting with an API, or Application Programming Interface. In fact, the total number of public and private APIs in use is almost a whopping 200 million!
This huge number of APIs and the physical spread of the distributed infrastructure locations has created a challenge known as an “API sprawl”.
American technology company F5 recently released a study that looks at the challenges and opportunities that an API-driven economy presents. The authors say, “If data is the new oil, then APIs could, unfortunately, become the new plastic, with by-products wreaking havoc on the ecosystem. To stay healthy and thrive in the API-driven economy, it’s time for organizations to get serious about creating, using, and managing APIs responsibly.”
API sprawl is as continuous as the application lifecycle process itself. There are many kinds of APIs, from public productized APIs (like Google Maps) to private or partner APIs (used by internal teams of companies).
APIs can be web-based, browser-based, or device-based as well as built to serve a single purpose or intended to aggregate multiple different data providers. Given the enormous number of APIs on the market, managing growth poses a challenge, especially if organizations do not follow best practices.
Keeping track
As the number of APIs grows, it becomes hard to keep track of where they are located. This can result in documentation issues, which impacts end-to-end connectivity. API documentation needs to be strong to effectively use, integrate, maintain, and update APIs, as well as to improve the experience for developers using the API, reduce time spent onboarding new users, and identify and resolve bugs faster.
Versioning can be missed
Since APIs are updated frequently, issues related to versioning – the practice of transparently managing changes to the API, so users know what to expect – may arise. If ignored by developers, APIs can become unsupported and hard to maintain. Sprawled APIs can thus lead to a reduction in service reliability.
Potential security lapses
APIs are also prone to fraud and malicious behavior, which is why external APIs must be validated for trust. A 2021 report issued by Salt Labs revealed a surge in API attacks over the past six months. Malicious traffic grew by 348%, underscoring the prevalence of cloud-native vulnerabilities. In fact, nearly half of all surveyed developers cite security concerns as a top worry as it delays application rollouts, tarnishes brand reputation, and may lead to revenue loss.
Another report, which polled more than 300 IT decision-makers across the US, says that organizations struggle to detect, understand and control the APIs in their cloud-native apps, and that 40% of all organizations have no solution in production today for discovering and securing APIs. Over 70% of respondents said that security problems are exacerbated by the growing number of APIs and that cloud-native apps and Kubernetes deployments are particularly difficult to protect.
Existing app security solutions and strategies may not properly protect modern apps at the API level, as traditional point products were primarily created for app-to-web communication. Cloud-native environments on the other hand are defined by app-to-app and API-to-API communication.
In today’s API-driven environment, API integration needs to be a critical part of an organization’s security strategy. CloudNow offers API implementation design and delivery models that can help you gain a competitive edge in your market by integrating your legacy system with an API-based strategy. Contact us today for more information.
A report by The Uptime Institute says that each year, an average of about 20…
Google Workspace has more than 3 billion users, but there are several hidden gems in…
While cloud computing does offer financial benefits by reducing the need for physical infrastructure and…
On June 29, 2006, Google launched the Google Maps API, revolutionizing web development by giving…
2024 has been a real coming-of-age year for generative AI in mainstream applications. But many…
Over 6 million businesses use Google Workspace (GWS) today, thanks to a go-to suite…