This document discusses strategies for addressing the OWASP top 10 security risk of insufficient logging and monitoring of APIs. It begins with an overview of OWASP A10 and challenges related to monitoring APIs, as attackers rely on a lack of monitoring. It then provides recommendations for logging from OWASP, which can be complex and costly to implement. The document outlines challenges to logging APIs and proposes best practices like combining logging with DevSecOps culture and using purpose-built API logging tools. It argues that API monitoring is key to security, continuous improvement, and resisting attacks on APIs as they increase in usage.