How's your API security strategy since last year?

A while back, we hosted a user group meeting in Manchester NH for the local maker space. In the presentation, we used some cheap electronics from eBay and showed how easy it was to grab electrical use values on a simple drive by. Absolutely no security. Do this at night, and you can see statistically who is either mining bitcoin or growing herb under grow lights. All of those APIs and communications are not protected. Same thing with home IoT like temp sensors, airthings radon, etc which use a type of bluetooth communication that can be read on the fly as it is transmitting to a users gateway or hub. Those are things that are a bit more scary than remote TV control. (That is also possible btw... I figured out how to remotely control the smart TVs at my parents house remotely over multicast which runs over an IPSEC VPN.) How about car APIs? Those bus communications are also not secured and you can bust out a headlamp, and inject messages into the CPU and open locks/start the car. Truly surprised enterprises are not investing into these technologies to better secure them. This is where F5 can help! 🙂