Why an Attacker-Centric Approach Is Key to API Protection