Unsafe-Consumption-of-API-KrishnaG-CEO

OWASP Top 10 API Security Risks – 2023: API10:2023 – Unsafe Consumption of APIs

The term “unsafe consumption of APIs” refers to the practice where developers trust data received from third-party APIs more than they trust user input, leading to weaker security standards for the data coming from these integrated services. Typically, this occurs because third-party APIs are seen as more “trusted” than direct user input, so developers may not apply the same level of scrutiny or security measures when consuming data from these external sources.

Broken-Authorisation-API-KrishnaG-CEO

OWASP Top 10 API Security Risks – 2023: API3:2023 – Broken Object Property Level Authorisation

API3:2023 represents a nuanced security challenge where improper or absent authorisation checks allow attackers to access or manipulate sensitive properties of an object within an API. Unlike broader access control issues, this risk focuses specifically on granular authorisation, which determines the visibility or modifiability of individual object properties.