A global company utilizes Amazon API Gateway for REST APIs serving its loyalty club in two regions: us-east-1 and ap-southeast-2. The task is to implement a minimal-effort solution to safeguard these APIs against SQL injection and XSS attacks across multiple accounts. Which approach should be adopted?