A few days ago I posted about the Nissan Leaf's Naked APIs. The enormity
of having a totally naked API in the wild aside, I'm wondering how
organizations assign responsibility for API security? And how do you
decide how much security is 'enough'? Are...