Slides and Recording From My APISEC|Con 2024 Talk on API Sprawl

What Is API Sprawl, And What Can You Do About It?

You may think your API portfolio looks well-maintained, like a pristine city. Well, think again — welcome to the desert of the real... a land full of zombie APIs and shadow endpoints...

Today, I presented at APIsec University's online conference, API|SEC CON 2024, which had over 1,700 people join to talk all things API security. In my session, What Is API Sprawl, And What Can You Do About It?, I went through some statistics about the state of API adoption and spotlighted some indications that API sprawl conditions are emerging. I ended with some ideas on how to avoid API sprawl. All with references to The Matrix, of course.

Thank you for inviting me to speak, it was a pleasure to be a part of the event!

Here are some of the resources I mentioned in my talk:

- APIFutures: API Sprawl to Be a Pressing Concern in 2024

- API Futures project

- Continuous API Sprawl: Challenges and Opportunities in an API-Driven Economy, F5 report, 2021.

- Why CIOs back API governance to avoid tech sprawl

- The 2022 API Security Trends Report, S&P Global Market Intelligence, 2022.

- The Nordic APIs blog and digest

- OWASP API Security Top 10 2023

Follow me on LinkedIn or X for updates about my articles and upcoming research into API governance!

Download the slides here: