Question
How to protect web API endpoints from unauthorised access and abuse?
Context
Cloud applications expose API end-points. These endpoints are often exposed to the Internet and as such are prone to different attacks.
Solution
Web access firewall should be used to control incoming and outgoing access to and from end-points.
References
Web Application Firewall - www.owasp.org
AWS WAF - aws.amazon.com