It is not enough to have an API tool that can simply discover the APIs for each application and then implement risk-policy firewalls. A better strategy expands API discovery capabilities to include dynamically testing, verifying and triaging continuously during integrated application tests at runtime compilation with other open source and third-party codebases and APIs.

Read full article on The New Stack