Security professionals increasingly must respond to the needs of business owners exploring web application programming interfaces (APIs) as a new channel for recognizing business value. APIs can create and unlock the value of business data — but only if security pros are prepared to control access to those APIs with the Zero Trust Model of information security firmly in mind. This report provides security pros with an overview of the business scenarios that necessitate exposing APIs externally, the ways in which API management extends service-oriented architecture (SOA) governance, and the API platforms that can help you secure these APIs.