By channeling the spirit of Sherlock Holmes and Hercule Poirot, we’ll explore how to learn from failure, improve pattern recognition of security quality, and detect possible security vulnerabilities. Just as a detective studies a crime scene for clues, we will follow a methodical approach to investigating and solving the Top 11 API Threats. Our basic process is as follows: Understand the context in which APIs exist. Look for clues that point to possible vulnerabilities. Catalog the tools used to identify and track vulnerabilities.