Cloud OnAir: How to protect your APIs from security vulnerabilities leveraging OWASP best practices