The Open Web Application Security Project (OWASP) has unveiled its first release candidate for a top 10 list of security issues. The list focuses on issues that have caused recent data breaches and pose common security hazards in modern cloud-based applications. The top issues identified in the API Security Top 10 list include broken authorization and authentication functions, excessive data exposure, and a failure to focus on rate limiting and resource limiting attacks. Six in 10 companies have more than 400 APIs, and nearly half of companies do not have confidence that they can detect malicious use of their APIs.”]
Source: https://www.darkreading.com/application-security/apis-get-their-own-top-10-security-list