Some Key Takeaways: 
 

Communication is King: Ashwani highlights the indispensability of seamless communication with stakeholders. Aligning with the code warriors, the engineering teams, is the first step to an integrated security approach. 

Know Your APIs: An inventory that maps out all existing APIs and those in the pipeline is foundational. Keeping an eye on third-party services integration is equally pivotal. 

Tooling Matters: For holistic API security, investing in top-notch tools that detect intricate attacks and spot security misconfigurations is essential. 

Talk to Your Developers: Beyond just tools, Ashwani underscores the essence of nurturing a symbiotic relationship with developers—education, resources, documentation, and constructive feedback loop are the cornerstones. 

Act, Analyze & Amend: The discovery of a vulnerability is just the beginning. Grading its severity and acting accordingly is crucial. Post-remediation analysis helps understand the 'how' and 'why' of the breach, preventing future lapses. 

Developer's Toolkit: From the nitty-gritty of authentication and authorization to the vital aspects of input validation and sanitization, Ashwani shares pro-tips for developers. 

Third-party API Security: The world of third-party APIs presents its own set of challenges. The key is to comprehend their integration purpose, be well-acquainted with their docs, keep a tab on data-sharing protocols, and always ensure updated encryption and dependencies. 

Golden Advice for Newbies: To budding security engineers, Ashwani’s wisdom? Immerse yourself in the business. A keen understanding of the company's heart and soul—its operations and services—sets the stage for a foolproof security strategy.