APIs are a critical building block of modern mobile, SaaS, and web applications. By definition, they give access to services, critical business functions, or sensitive information. As such, they are becoming the top target for threat actors. It is often challenging to understand the health of all the APIs running in your production environments, let alone identify risks (e.g., shadow APIs, or authentication issues) and respond to the wide range of attacks targeting them.In this session, you will learn how you can use Datadog not only to monitor the performance of your APIs, but also drive an efficient API security program in the same platform. You will understand how Datadog can help you regain visibility into all APIs running in production and remove shadow APIs. You will also learn how Datadog harnesses the rich information collected by our tracing libraries to provide key insights into your API security posture and how to remediate problems. Last but not least, you will see how Datadog can help you deal with the multitude of API attacks, from traditional methods like SQL injection or SSRF, to attempts targeting the authentication and authorization layers such as credential stuffing and resource enumeration, to attacks targeting the business logic of your applications.