APIs are a growing target for cyberattackers because they are often under-protected and can provide access to significant volumes of high-value data.