94% of survey respondents experienced API security incidents in 2021 

by | Aug 3, 2022 | Technology

Were you unable to attend Transform 2022? Check out all of the summit sessions in our on-demand library now! Watch here.

Few assets in the attack surface cause as much hassle as APIs. Not only are many organizations’ APIs openly exposed on the internet, but they’re also reliant on these APIs to access critical data assets and applications. 

Many security teams are still trying to get to grips with the realization that APIs are just as susceptible to exploitation as weaknesses on servers or networks, and struggling to maintain up-to-date inventories of APIs and vulnerabilities in the environment. 

New research released by API security provider Salt Security highlighted this trend by revealing that 94% of organizations responding to their survey experienced security issues in production APIs in the past year, with 20% stating their organization actually suffered a data breach as a result of API security gaps. 

These security issues could be as serious as openly exposing protected data online. For instance, among Salt’s customer base, 91% of APIS were openly exposing PII and sensitive data to threat actors. 

For enterprises, this research highlights that most organizations need to reevaluate their API security strategies to ensure they have the maturity to protect APIs throughout the entire development lifecycle. 

Moving away from “shift left” security 

Just a few years ago in 2019, Gartner released a set of strategic planning assumptions, predicting that by 2021, 90% of web-enabled applications will have more surface area for attack in the form of exposed APIs, and that by 2022, API abuses will move from an infrequent to the most-frequent attack vector. 

When considering that Salt Security’s new research found that API attack traffic has doubled in the past 12 months, these predictions appear to have come true. 

At the same time, the uptick in API-focused attacks highlights that threat actors are well aware that enterprises aren’t ade …

Article Attribution | Read More at Article Source

Share This