Method Of Authentication

If an attacker can retrieve  the API and libraries, then use these to write an agent, and then get  the attacker’s agent installed, how should Digital Diskus protect itself  from such an attack? Should the business analytics system provide a  method of authentication of valid agents in order to protect against a  malicious one? Is the agent a worthy attack surface?

Answer the question with a minimum of 250 words in APA format with in-text citation.