In this series on the Top 10 API threats and How to Prevent Them, Forum Systems shares security insights compiled over many years, delivering secure and reliable solutions for web services and API modernization initiatives.
#3 How to Secure APIs from HTTP Method Attacks
The previous article How to Detect and Stop URL Parameter Tampering describes an API threat vector that uses URL parameters to launch attacks. APIs remain vulnerable if the API Security fails to also deal with HTTP Method attacks.
Knowing your Methods
API clients use HTTP methods to request an application to perform a specific action: