Shadow APIs: Understanding the Risk and 6 Ways to Reduce It

May 8, 2025 - 08:19

What Is a Shadow API?

A shadow API is an application programming interface that is created or used without explicit approval from the organization’s IT or security teams. Shadow APIs can emerge from various sources, including developers experimenting with new features, legacy systems that are no longer officially supported but still in use, or services integrated outside of formal IT channels.

This is part of a series of articles about API security

Unlike official APIs, shadow APIs lack oversight and governance, making them invisible to the security measures typically applied to known and documented APIs. They operate under the radar of standard security and monitoring practices. Because these APIs were not introduced through sanctioned processes, they are excluded from inventory or documentation efforts.

As a result, shadow APIs present significant risks. They are not subjected to regular security assessments, patches, and compliance checks that would normally be part of an API’s lifecycle management in a secure software development environment.
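The inventory gap described above can be made visible by reconciling what actually hits the gateway against the documented route list. The following is an added example, not code from the original article: it parses constructed access-log lines, matches each API request against a constructed OpenAPI-style route inventory (method plus `{param}` path templates), and reports method/path pairs that match no documented route. The `/api/` prefix, the log format and all sample values are assumptions for illustration.

```python
import re
from collections import Counter
from typing import Dict, List, Tuple

# Constructed sample: the documented inventory, as it would be pulled from an
# OpenAPI spec (method + path template, "{id}" style parameters). Not real data.
DOCUMENTED_ROUTES = [
    ("GET", "/api/v1/users"),
    ("GET", "/api/v1/users/{id}"),
    ("POST", "/api/v1/orders"),
    ("GET", "/api/v1/orders/{id}"),
]

# Constructed sample access-log lines (common log format). Two of the API
# requests below hit endpoints that are absent from the inventory.
SAMPLE_LOG = """\
10.0.0.5 - - [08/May/2025:08:19:01 +0000] "GET /api/v1/users/42 HTTP/1.1" 200 512
10.0.0.5 - - [08/May/2025:08:19:02 +0000] "POST /api/v1/orders HTTP/1.1" 201 88
10.0.0.9 - - [08/May/2025:08:19:03 +0000] "GET /api/v1/export/all?format=csv HTTP/1.1" 200 9001
10.0.0.9 - - [08/May/2025:08:19:04 +0000] "GET /api/v1/export/all HTTP/1.1" 200 9001
10.0.0.7 - - [08/May/2025:08:19:05 +0000] "DELETE /api/v1/users/42 HTTP/1.1" 204 0
10.0.0.7 - - [08/May/2025:08:19:06 +0000] "GET /static/app.js HTTP/1.1" 200 30211
"""

# Extracts the request method and path from a common-log-format line.
LOG_RE = re.compile(r'"(?P<method>[A-Z]+) (?P<path>\S+) HTTP/[\d.]+"')


def route_to_regex(template: str) -> re.Pattern:
    """Turn an OpenAPI path template into an anchored regex.
    Literal segments are escaped; {param} becomes one non-empty segment."""
    parts = []
    for segment in template.strip("/").split("/"):
        if segment.startswith("{") and segment.endswith("}"):
            parts.append(r"[^/]+")
        else:
            parts.append(re.escape(segment))
    return re.compile("^/" + "/".join(parts) + "/?$")


def normalize_path(raw: str) -> str:
    """Drop query string and fragment, collapse a trailing slash, so that
    variants of the same endpoint are counted together."""
    path = raw.split("?", 1)[0].split("#", 1)[0]
    return path.rstrip("/") or "/"


def build_inventory(routes) -> List[Tuple[str, re.Pattern]]:
    return [(method, route_to_regex(path)) for method, path in routes]


def is_documented(method: str, path: str, inventory) -> bool:
    """True if some documented route has the same method and matches the path."""
    return any(m == method and rx.match(path) for m, rx in inventory)


def find_shadow_endpoints(log_text: str, routes,
                          api_prefix: str = "/api/") -> Dict[Tuple[str, str], int]:
    """Return {(method, path): request_count} for API requests that match no
    documented route. A known path reached with an undocumented method is
    reported too, since the inventory is keyed on method and path."""
    inventory = build_inventory(routes)
    hits: Counter = Counter()
    for line in log_text.splitlines():
        m = LOG_RE.search(line)
        if not m:
            continue  # malformed line; skip rather than guess
        method, path = m.group("method"), normalize_path(m.group("path"))
        if not path.startswith(api_prefix):
            continue  # static assets and other non-API traffic are out of scope
        if not is_documented(method, path, inventory):
            hits[(method, path)] += 1
    return dict(hits)


if __name__ == "__main__":
    for (method, path), n in sorted(find_shadow_endpoints(SAMPLE_LOG, DOCUMENTED_ROUTES).items()):
        print(f"undocumented: {method} {path} ({n} requests)")
```

Run against the sample, the report lists `GET /api/v1/export/all` (two requests, the query-string variant folded in) and `DELETE /api/v1/users/42` (a documented path reached with a method the spec never declared); the documented `GET /api/v1/users/42` and `POST /api/v1/orders` are silent, and the static asset is ignored. In practice the route list comes from the gateway's or repository's OpenAPI documents and the log from the edge proxy, and the output is a candidate list to triage, not a verdict.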

Read the full article: Shadow APIs: Understanding the Risk and 6 Ways to Reduce It