Exposing an API to your application is as risky as installing a doggie door into your house: you expect your dog to have the convenience of outdoor access, but the reality is that you cut a hole in your house.
The intended use is to give the anticipated “users” access to an area that is otherwise private. However, once you open that portal into your sanctuary, there’s no telling who else might take advantage of it. Just as the doggie door can open your home to all sorts of wildlife, so can API exposure open the door to application usage you never anticipated (both innocent misuse and malicious attacks).
A recent incident in Parasoft's home town of Monrovia, CA provides a real-life example of how a doggie door can lead to some rather unexpected consequences...
A Monrovia resident recently came home to find that 2 bears entered his home through a doggie door, ransacked his kitchen, and ate everything in site. For the full story, including some video, see Bears Break Through Pet Door, Ransack Monrovia Kitchen.
API Testing - Gartner Research
As organizations expose their business-critical services as APIs, test and QA teams need to ensure the organization is protected against the threats and dangers that such exposure could bring.
Read new Gartner API Testing research to learn:
- Why hardening back-end services is essential for the API Economy.
- API Integrity research findings: how buggy are APIs, what issues were most prevalent, and what is the business impact?
- How a global asset management company achieved a 20X reduction in API testing time as they transitioned to Agile.
- Gartner's recommendations for service/API testing.