How are you assessing the security posture of third-party APIs the business relies on? What criteria do you use currently?

Security Strategy & RoadmapThreat & Vulnerability Management
2.2k viewscircle icon2 Comments
Sort by:
Senior Director Of Technology in Softwarea year ago

We do internal vulnerability testing of 3rd party APIs like we do for ours.

Lightbulb on1
Director of IT in IT Servicesa year ago

We evaluate third-party API security through comprehensive risk assessments, focusing on authentication protocols, data encryption, and vendor compliance.

Content you might like

What’s your “hot take” when it comes to security questionnaires?

Does your org distribute any seasonal cyber awareness materials that address black friday/cyber monday phishing scams?

Yes80%

No15%

No, but we might do this next year4%

View Results

What tools/services do you use for CTEM (continuous threat exposure management)?

Read More Comments

What are you currently doing to improve vulnerability patching?

Not making improvements currently3%

DevOps41%

Infrastructure-as-code39%

Automation55%

Asset inventory improvements28%

Coordinated test procedures27%

Test lab environment6%

Scanning improvements23%

New tools7%

Something else (I’ll explain in the comments)1%

View Results

How are you currently managing SIEM costs? Have you found effective ways to actually reduce storage costs for your SIEM?

Read More Comments