Be part of prime executives in San Francisco on July 11-12, to listen to how leaders are integrating and optimizing AI investments for fulfillment. Learn More
As we speak, utility safety supplier Data Theorem, introduced the discharge of a brand new report in partnership with TechTarget’s Enterprise Technique Group (ESG). ESG surveyed 397 respondents on cloud-native purposes and API safety and located that 92% of organizations skilled not less than one API-related safety incident within the final 12 months.
The report, scheduled to launch on Might 5, additionally revealed that 57% skilled a number of API safety incidents, highlighting that many organizations nonetheless have much more to do to defend cloud-native purposes and APIs towards risk actors.
This comes simply months after a hacker used a Twitter API vulnerability shipped in June 2021 (now patched) to compile and leak the account particulars and electronic mail addresses of 235 million customers in January 2023.
API safety incidents ‘no shock’
One of many key challenges unveiled by the analysis was the transient nature of the assault floor. As an example, 75% of organizations sometimes modified or up to date their APIs on a day by day or weekly foundation, creating new vulnerabilities within the assault floor for safety groups to confront.
Occasion
Rework 2023
Be part of us in San Francisco on July 11-12, the place prime executives will share how they've built-in and optimized AI investments for fulfillment and prevented widespread pitfalls.
“It’s no shock that almost all organizations are experiencing API-related safety incidents,” stated Melinda Marks, senior analyst for ESG within the announcement press launch.
“Trendy improvement cycles carry quicker, extra frequent product releases and updates, and the rising variety of APIs that change on a day by day or weekly foundation make it crucial to deal with the altering assault floor. This speedy fee of change additionally creates shadow APIs and zombie APIs, which will be hackers’ favourite APIs to take advantage of as a result of organizations typically have no idea about them,” Marks stated.
Nevertheless, many organizations need to tackle API safety by growing their spending over the subsequent 12–18 months by investing in API safety instruments (45%), cloud-native utility safety platforms (CNAPPs) (43%), and integration utility safety and API safety instruments (41%).
CNAPPs and API safety instruments present automated assist in discovering APIs and highlighting potential entry factors, giving defenders worthwhile perception into how you can harden their defenses towards cyberattacks.