While cybercriminals have been going after credentials for several years, we now see attackers target the credentials held by application programming interfaces (APIs). In fact, research by Akamai found that almost 75% of attacks directly target such API credentials.