Guest: Etienne De Burgh, Senior Security and Compliance Specialist, Office of the CISO @ Google Cloud Topics: Why is API security hot now? What happened that made it a priority for many?  Is API security different from application security? Doesn't the first "A" in API  stand for application?  What are the real threats to exposed APIs? APIs are designed for automated use, so how do you tell automated use from automated abuse / attack? What are the biggest challenges that companies are having with API security? What are the components of API security? Is there a “secure by default API”? API threat detection? Just like cloud in general, API misconfigurations seem to be leading to security problems, are APIs hard to configure securely for most organizations? Resources: Google Cloud Security Summit  - come see us on May 17, 2022 “Securing web applications and APIs anywhere” (at our Security Summit) OWASP Top 10 for API Security “Best practices for securing your applications and APIs using Apigee”