In his oft-quoted book, “The Art of War,” Chinese general Sun Tzu said, “If you know the enemy and know yourself, you need not fear the result of a hundred battles.” In summary: To know your enemy, you must become your enemy.

OWASP also maintains an API Security Top 10 list focused on the unique security risks for application programming interfaces (APIs). Let’s dive into the top risks for API security that you need to consider during threat modeling:

Figure 1 – OWASP API Security Top 10

Key principles of zero trust include: Know your architecture, including users, devices, services and data.

