Be part of prime executives in San Francisco on July 11-12, to listen to how leaders are integrating and optimizing AI investments for fulfillment. Learn More
At the moment, software safety supplier Data Theorem, introduced the discharge of a brand new report in partnership with TechTarget’s Enterprise Technique Group (ESG). ESG surveyed 397 respondents on cloud-native functions and API safety and located that 92% of organizations skilled a minimum of one API-related safety incident within the final 12 months.
The report, scheduled to launch on Might 5, additionally revealed that 57% skilled a number of API safety incidents, highlighting that many organizations nonetheless have much more to do to defend cloud-native functions and APIs in opposition to risk actors.
This comes simply months after a hacker used a Twitter API vulnerability shipped in June 2021 (now patched) to compile and leak the account particulars and e-mail addresses of 235 million customers in January 2023.
API safety incidents ‘no shock’
One of many key challenges unveiled by the analysis was the transient nature of the assault floor. As an example, 75% of organizations sometimes modified or up to date their APIs on a each day or weekly foundation, creating new vulnerabilities within the assault floor for safety groups to confront.
Occasion
Rework 2023
Be part of us in San Francisco on July 11-12, the place prime executives will share how they’ve built-in and optimized AI investments for fulfillment and averted widespread pitfalls.
“It’s no shock that almost all organizations are experiencing API-related safety incidents,” stated Melinda Marks, senior analyst for ESG within the announcement press launch.
“Fashionable growth cycles deliver sooner, extra frequent product releases and updates, and the rising variety of APIs that change on a each day or weekly foundation make it crucial to deal with the altering assault floor. This fast fee of change additionally creates shadow APIs and zombie APIs, which could be hackers’ favourite APIs to use as a result of organizations typically have no idea about them,” Marks stated.
Nevertheless, many organizations wish to deal with API safety by growing their spending over the following 12–18 months by investing in API safety instruments (45%), cloud-native software safety platforms (CNAPPs) (43%), and integration software safety and API safety instruments (41%).
CNAPPs and API safety instruments present automated assist in discovering APIs and highlighting potential entry factors, giving defenders worthwhile perception into easy methods to harden their defenses in opposition to cyberattacks.
