We recommend API Rate Limiting to be implemented for Business APIs. These APIs can be configured in Web Application Firewall (WAF) for protection from Denial of Service (DoS) attacks.