Study shows “dark reality” of API security

The majority of businesses underestimate threats associated with APIs and are unprepared to tackle them, according to research from Traceable AI, an API security firm.
Findings of the study show that 60% of organizations experienced at least one API-related breach in the past two years.
Of those, 74% had three or more incidents, while 23% reported undergoing six or more breaches, security experts said in a new report revealing a “relentless” threat landscape.
Distributed denial-of-service (DDoS) attacks stand out as the primary API breach method, with 38% of respondents noting it as the primary API attack vector.
More than half of respondents agree that APIs “substantially” expand organizations’ attack surface, but only 38% understand the unique context of APIs and can discern between API activity, user behaviors, and data flow.
A whopping 57% express doubt that traditional security methods, such as web application firewalls, are effective in distinguishing genuine from fraudulent API activity.
According to the report, organizations grapple with challenges like API sprawl, with 48% of respondents noting it as a problem, and keeping an accurate inventory (39%). All the while, 61% say they anticipate API-related risks to grow in the next two years.
The report also shows that organizations are dealing with an average of 127 third-party API connections, but only a third express confidence in managing these external threats.
“It’s alarming to see that the majority of businesses are navigating these treacherous waters with a significant blind spot, unprepared and underestimating the very real threats associated with APIs,” Richard Bird, Chief Security Officer at Traceable, said.
Noting the need to address this “glaring disconnect,” Bird added: “It’s time that API security is elevated from the server room to the boardroom. Only by doing so can we hope to stay ahead of the evolving threat landscape.”
The study is based on a survey of 1,629 cybersecurity experts from across the EU, the UK, and the US, carried out by Traceable in partnership with the Ponemon Institute.