Why API Gateways Are Not Enough to Secure APIs

In an attempt to address the increased use of application programming interfaces (APIs), the marketplace is now littered with a variety of API gateway solutions designed to facilitate all aspects of managing the API lifecycle. Certain API gateways can also process basic signature-based API protection, leading many organizations to assume their APIs have comprehensive protection through their API gateway. Unfortunately, that is not the case.