Li Shaopeng, founder of Digital World Consulting, said in the opening remarks that with the booming development of cloud computing, mobile Internet and Internet of Things, more and more application development is depending on mutual call between API, thus making API security receive significant attention. At the same time, API is also becoming the target of attackers, resulting in frequent international and domestic API attacks. With new security challenges faced by many enterprises, it is of great significance to continuously optimize and upgrade the security technology to help enterprises explore the security system to meet the new demand.



At the meeting, Digital World Consulting released the “API security research report”, which provides reference and guidance to users on API security problems in the process of enterprise development and and help enterprise users became more competitive in the digital wave. The report describes the importance of API as an infrastructure in the digital age in terms of its technical application capability and business shaping capability. It also describes the concept of API security in terms of its risks, complexity and practical application. Finally, it briefly introduces the best practitioners and API security reference framework at home and abroad. The report  indicates that Starcross Technology was one of the best practitioners in China, which shows that Starcross Technology’s work on API security was highly appreciated by professionals.



Star stop TECHNOLOGY CTO Xu Yue shared the "enterprise API security protection system construction" in the salon, he mentioned that in the era of the Internet of everything, the digital transformation of all industries, a large number of enterprise capabilities to SaaS API services and third-party vendors integration, Such as financial OpenBanking, digital government platform, large-scale distributed Internet application, smart city, Internet of Things and other scenarios. Enterprise data is transferred through API, and the growing number of API has led to a focus on API security. On the one hand, as API has become the "trunk road" for dataflow, their weaknesses are becoming a concern for cyber attackers. On the other hand, with the formal implementation of the Data Security Law and the Personal Privacy Protection Law, enterprises also face the requirements of data transmission security supervision in the process of digital transformation. Enterprises can deal with API security risks by starting from the API life cycle and embedding security protection capabilities in different stages of API design, R&D, testing, operation and offline. Meanwhile, technical solutions should take into account business needs and cloud-based IT infrastructure.



In the network security three people round table discussion, the founder of Digital World Consulting Li Shaopeng, senior security experts from Qi AnXin, sharp security chief Zhang Xiaobing and starcross Technology CEO Wang Yu launched a discussion

On “how to ensure API security”. what is API security? how important is API security? the current domestic industry scenarios, the most urgent demand for API security, how to build enterprise API security construction, all the above issues were discussed and communicated deeply.



When it comes to API security, Wang Yu said that at present, API is carrying more and more complex application logic and more sensitive data, and a lot of new communication scenarios are born on the basis of API. As a double-edged sword, APIs are not only convenient for enterprises, but also become a key target for attackers. Through API asset intelligent identification, API threat and behavior monitoring, API data flow monitoring and other dimensions, Starcross Technology provides API security protection capabilities for digital finance, open banking, cloud computing and other application scenarios, and provides open and flexible scenario configuration capabilities. Besides, the company is committed to helping enterprises to establish life cycle protection of API .



API can solve the problem of high value and high interaction, Zhang Xiaobing said, and the market will have broader prospects driven by new technologies. In addition, he also indicated that excellent API security products need to pay attention to the early stage of dynamic asset sorting, help customers to clarify  the API assets in real time to achieve more comprehensive protection, reduce a series of security problems caused by unclear assets, so as to carry out the later stage of THE API life cycle security construction.



Only belief can make a company go further. In the exploration of API security, Starcross Technology never stops and will make further efforts on related standards work of API security. Standing in the API security industry development frontier, Starcross Technology will produce mature products and high quality solutions to provide guarantees for API security of all industries, and make contributions to build a bigger and stronger API security market.