{"product_id":"secure-apis-design-build-and-implement-9781633436633","title":"Secure APIs: Design, Build, and Implement","description":"\u003cb\u003ePractical, battle-tested techniques to recognize and prevent attacks on your APIs.\u003c\/b\u003e \u003cp\u003e\u003c\/p\u003eHackers know how important your APIs are, and they also know how to find the weak spots in your API security. As a result, APIs have become principal vectors of attack against apps and sites. \u003ci\u003eSecure APIs: Design, build, and implement\u003c\/i\u003e shows you reliable methods you can use to counter cracks, hacks, and attacks on your internal and external APIs. \u003cp\u003e\u003c\/p\u003eIn this innovative new book, you'll learn: \u003cp\u003e\u003c\/p\u003e - Addressing the OWASP Top 10 API security vulnerabilities\u003cbr\u003e - API security by design\u003cbr\u003e - Zero-trust security\u003cbr\u003e - Automated API testing strategies\u003cbr\u003e - Observability and monitoring for threat detection \u003cp\u003e\u003c\/p\u003e Written for developers and architects, \u003ci\u003eSecure APIs: Design, build, and implement\u003c\/i\u003e shows you how to create and deploy APIs that are resistant to the most common security threats. Author \u003cb\u003eJosé Peralta\u003c\/b\u003e illustrates each vulnerability with extended code samples and shows you exactly how to mitigate them in your own APIs. You'll find insights into emerging AI-powered security threats, along with tips and patterns for using LLMs in your own security testing. \u003cp\u003e\u003c\/p\u003e \u003cb\u003eAbout the technology\u003c\/b\u003e \u003cp\u003e\u003c\/p\u003e APIs are the primary way to share data and services privately inside applications and publicly with customers and partners. Unfortunately, they're also a prime target for cyberattacks. Here's the good news! There are proven strategies for finding vulnerabilities, locking out intruders, and building APIs that are secure by design. \u003cp\u003e\u003c\/p\u003e \u003cb\u003eAbout the book\u003c\/b\u003e \u003cp\u003e\u003c\/p\u003e \u003ci\u003eSecure APIs\u003c\/i\u003e teaches you to design, implement, and deploy secure APIs, providing clear examples of how attackers exploit weak authentication, insufficient constraints, and flawed architecture. In this practical book, you'll dissect the OWASP Top 10 API security risks and explore techniques to harden your APIs, establish real-time monitoring, and prepare for fast incident response. Case studies from e-commerce, ridesharing, and other high-visibility targets show you how to deploy APIs that stay secure in production. \u003cp\u003e\u003c\/p\u003e \u003cb\u003eWhat's inside\u003c\/b\u003e \u003cp\u003e\u003c\/p\u003e - API security by design\u003cbr\u003e - Zero-trust security\u003cbr\u003e - Automated API testing strategies\u003cbr\u003e - Observability and monitoring for threat detection \u003cp\u003e\u003c\/p\u003e\u003cb\u003eAbout the reader\u003c\/b\u003e \u003cp\u003e\u003c\/p\u003e For software developers and architects, cybersecurity professionals, and QA engineers. Examples are in Python. \u003cp\u003e\u003c\/p\u003e \u003cb\u003eAbout the author\u003c\/b\u003e \u003cp\u003e\u003c\/p\u003e \u003cb\u003eJosé Haro Peralta\u003c\/b\u003e is head of cybersecurity strategy at APISec, and author of \u003ci\u003eMicroservice APIs\u003c\/i\u003e. He's also the founder of microapis.io and apithreats.com. \u003cp\u003e\u003c\/p\u003e \u003cb\u003eTable of Contents\u003c\/b\u003e \u003cp\u003e\u003c\/p\u003e 1 What is API security?\u003cbr\u003e 2 Aligning API security with your organization\u003cbr\u003e 3 API security principles\u003cbr\u003e 4 Top API authentication and authorization vulnerabilities\u003cbr\u003e 5 Top API configuration and management vulnerabilities\u003cbr\u003e 6 API security by design\u003cbr\u003e 7 API authorization and authentication\u003cbr\u003e 8 Implementing API authentication and authorization\u003cbr\u003e 9 Secure API infrastructure\u003cbr\u003e 10 Financial-grade APIs\u003cbr\u003e 11 Observability for API security\u003cbr\u003e 12 Testing API security\u003cbr\u003e A API security checklist\u003cbr\u003e B Setting up Auth0 for authentication and authorization\u003cbr\u003e C API security RFCs and learning resource \u003cp\u003e\u003c\/p\u003e Get a free eBook (PDF or ePub) from Manning as well as access to the online liveBook format (and its AI assistant that will answer your questions in any language) when you purchase the print book.\u003cbr\u003e\u003cbr\u003e\u003cbr\u003e\u003cb\u003eAbout the Author\u003c\/b\u003e\u003cbr\u003e\u003cb\u003eJosé Haro Peralta\u003c\/b\u003e is a consultant, instructor, and author of \u003ci\u003eMicroservice APIs\u003c\/i\u003e. He's also the founder of microapis.io and apithreats.com.\u003cbr\u003e","brand":"Manning Publications","offers":[{"title":"Default Title","offer_id":51806108188946,"sku":"9781633436633","price":55.99,"currency_code":"USD","in_stock":true}],"thumbnail_url":"\/\/cdn.shopify.com\/s\/files\/1\/0831\/4771\/8930\/files\/img_e32b074b-6421-4190-a725-915c81b87407.jpg?v=1765976601","url":"https:\/\/surprise-castle.myshopify.com\/products\/secure-apis-design-build-and-implement-9781633436633","provider":"Surprise Castle","version":"1.0","type":"link"}