This document discusses the top threats to cloud computing security as identified by the Cloud Security Alliance (CSA) in 2013. It examines nine threats in detail, providing background on each threat, implications, recommended controls, and references. The fourth threat discussed is insecure interfaces and APIs. The summary explains that cloud providers expose APIs for customers to manage services, and that the security of cloud services depends on API security. Attacks on APIs could allow access to provisioning, management, and monitoring without authorization. The document provides guidance on controls and references for further information.