How's your API security strategy since last year?

We have seen an uptick in customers asking about API protections, primarily in the energy and rental areas of business. In many instances, there are resources in the field collecting data which has to be trasmitted over LTE or WIFI to the corporate offices for billing determination. Clearly, there is a financial component here that can be impacted due to any man in the middle or even abuse of an exposed API. The source IP changes, and many times these field devices dont support strong authentication or authorization. However, when it comes to IoT devices.... everything that runs in the house and has an IP address is laughable, and updates are non-existant. Wallgarden those devices on a dedicated ESSID / VLAN with isolation enabled, and firewall the living hell out of it on outbound access, lol. That is the only way there. So yeah, there is both a business and personal use case 😉