How do you secure a REST API at HD Supply against common vulnerabilities like those outlined in the OWASP Top 10?