Security Risk from APIs via 3rd party integrations

In this video, Danny Jenkins, CEO of Threat Locker, joins Wes Spencer and Ryan Weeks to discuss the critical importance of API security for MSPs. They delve into the common vulnerabilities and risks associated with API integrations, particularly how they can be exploited by attackers to access sensitive systems and data. The conversation emphasizes the need for MSPs to implement a principle of least privilege, conduct thorough threat modeling, and demand better security practices from vendors to mitigate these risks.

• API security is a critical concern for MSPs, with the potential to become a significant threat vector if not adequately managed.
• MSPs should focus on implementing the principle of least privilege with APIs, questioning the necessity of each integration and limiting access to only what’s necessary.
• Regularly reviewing and understanding API integrations and permissions is vital, along with applying pressure on vendors to provide better security controls.