---
layout: post
title: Why I Added Cybersecurity To My API Monitoring Research
image: https://s3.amazonaws.com/kinlane-productions2/bw-icons/bw-cybersecurity.png
atomdate: 2016-08-30 20:00:00+00:00
tags:
- Monitoring
- Cybersecurity
- Research
---
I recently added a [new area of research to API Evangelist focused on cybersecurity](http://cybersecurity.apievangelist.com/). I added this area of research not because APIs are being used to hack systems, which does happen occasionally. I did this because I wanted to better tune into this area because APIs are being applied by all sides (are there sides?) to communicate, evaluate cybersecurity events, and spread their message--which is a significant part of what is cybersecurity.

When APIs aren't properly secured, and a breach occurs, I consider this a security topic and file it under [my API security research](http://security.apievangelist.com/). If something occurs in the wider global security theater, I file it under my cybersecurity research. This research doesn't always directly touch on APIs, but in [many cases like the recent DNC hacks APIs are being used to analyze, study, share stories, and communicate around these often ongoing cybesecurity events](http://motherboard.vice.com/read/why-twitter-was-the-platform-of-choice-for-ripping-apart-the-nsa-dump).

I am seeing APIs often being used as part of the levers pulled when it comes to the theater of cybersecurity, whether its anonymous bitcoin ransom payments, [Guccifer 2.0 spreading the story of a recent breach of Twitter](https://twitter.com/guccifer_2), or researchers doing their forensic studies. As with other areas of my API monitoring, establishing a dedicated research project helps me tune in closer to what is going on, identify key actors, and better understand the role of APIs in the fast-growing world of cybersecurity.