CISOs shift from perimeter security to API security

Bill Doerrfeld | March 30, 2026

My first-ever contribution to CSO Online looks at the shifting landscape, from perimeter-based security to API security, and how CISOs are responding.

API attacks are on the rise. But traditional security approaches like endpoint detection and response (EDR) can miss this vector entirely.


Excited to share my first-ever contribution to CSO Online today, which looks at the shifting landscape, from endpoint security to API security, and how CISOs are responding. You can read it here.


In a nutshell, malicious traffic may look like normal traffic, but legacy perimeter-based defenses miss business logic gaps and systemic authentication and authorization issues.


To respond, CISOs are using a combination of API governance frameworks, inventory management, API gateways, strong identity and authorization, and other techniques.


I'd love to write more for this publication, but it takes connecting with the right sources. If you're a CISO or work with one and have an interesting perspective to share, feel free to get in touch.

Read: APIs are the new perimeter: Here’s how CISOs are securing them

Other Blog Posts

Fixing the AI slop problem in open source

By Bill Doerrfeld March 29, 2026
My latest feature for The New Stack looks into solutions being proposed to fix open source Slopmageddon.
A digital pattern of rounded rectangular blocks in shades of blue and purple, arranged in an interlocking layout.

Agentic AI is reshaping platform engineering at Squarespace

By Bill Doerrfeld March 27, 2026
My latest DirectorPlus looks at how agentic AI is reshaping platform engineering at Squarespace: less shared code and more developer experience focus.

5 impressive API monetization models

By Bill Doerrfeld March 19, 2026
Usage-based pricing is reshaping the API economy. Discover 5 API monetization success stories, including OpenAI, Plaid, and AssemblyAI.
A lightbulb against a purple background, containing a human brain with an

Why event-driven APIs matter for AI workflows

By Bill Doerrfeld March 18, 2026
Why event-driven APIs matter for AI workflows, enabling real-time data, scalable systems, and responsive agent behavior.

Exploring frontier models for physical AI

By Bill Doerrfeld February 28, 2026
While hardware usually gets the spotlight in physical AI, the real differentiator won't be hardware. It'll be the models.

Workato's internal MCP success story

By Bill Doerrfeld February 27, 2026
In the latest DirectorPlus, Workato's CTO explains how MCP-enabled integration catalyzed internal AI usage and ROI.

5 official MCP servers from major clouds

By Bill Doerrfeld February 18, 2026
My latest on InfoWorld reviews MCP servers from 5 major cloud providers

6 agentic knowledge base styles in practice

By Bill Doerrfeld February 18, 2026
How are organizations actually using agentic knowledge bases in practice? My article for The New Stack looks at six emerging patterns.
eBPF in Production Report

Report: eBPF In Production

By Bill Doerrfeld February 12, 2026
My report for the eBPF Foundation explores enterprise eBPF case studies, production deployments, and real business outcomes across cloud-native environments.
Close-up of whole bean coffee Bottomless

I’m a fan of Bottomless coffee

By Bill Doerrfeld February 10, 2026
Longtime Bottomless user sharing why I love automated coffee delivery triggered by a smart scale, plus a referral link for a free first bag.