Why the future of APIs must include zero trust

by | Aug 1, 2022 | Technology

Were you unable to attend Transform 2022? Check out all of the summit sessions in our on-demand library now! Watch here.

It’s the digital pandemic no one is talking about because it’s challenging to quantify, contain and can defeat the best current cybersecurity defenses enterprise have. API attacks rose 681% in the past 12 months, compared to a 321% increase in overall API traffic. Malicious API calls rose from a monthly per-customer average of 2.73 million in December 2020 to 21.32 million in December 2021, according to Salt’s State of API Security Q1, 2022 Report. Salt’s customers have Web Application Firewalls, and nearly all, have API gateways and API attacks are bypassing these controls. 

The meteoric rise of API attacks is also stifling innovation. For example, 62% of enterprises admit to having delayed new product introductions and application rollouts because of API security concerns. In addition, 95% of devops leaders and teams say they have suffered an API security incident in the last twelve months. One in three devops organizations says their companies lack any API security strategy, despite running APIs in production. According to Gartner, API breach growth will accelerate and double by 2024. Client inquiry volume related to APIs increased steadily from 2019 to 2021, at an average increase of 33% year over year.

Getting API sprawl under control 

Devops leaders are pressured to deliver digital transformation projects on time and under budget while developing and fine-tuning APIs at the same time. Unfortunately, API management and security are an afterthought when the devops teams rush to finish projects on deadline. As a result, API sprawl happens fast, multiplying when all devops teams in an enterprise don’t have the API Management tools and security they need. 

More devops teams require a solid, scalable methodology to limit API sprawl and provide the least privileged access to them. In addition, devops teams need to move API management to a zero-trust framework to help reduce the skyrocketing number of breaches happe …

Article Attribution | Read More at Article Source

Share This