"94 Percent of Companies Have Had Security Incidents with Production APIs"

According to a new report, 94 percent of companies experienced security issues in production Application Programming Interfaces (APIs) in the previous year, with 20 percent reporting a data breach as a result. Salt Security's latest State of API Security Report reveals that API attack traffic has more than doubled in the last year, with a 117 percent increase. During the same time period, overall API traffic increased by 168 percent, demonstrating the continued explosion of enterprise API usage. Digitalization, the backbone of the modern economy, has made organizations increasingly reliant on APIs to deliver new services and compete. According to Roey Eliyahu, co-founder and CEO of Salt Security, this focus on digital innovation has also placed a target on these organizations. The findings of the report also highlight the need for a more robust API security strategy, beginning with development but focusing on runtime, to better protect this expanding attack surface and companies' most valuable assets. When asked which of six API security platform attributes are 'highly important,' the ability to stop attacks ranks first, with 41 percent of respondents citing it. The ability to identify which APIs expose personally identifiable information (PII) or sensitive data comes in second, with 40 percent of respondents rating it as extremely important. Third, 39 percent of respondents cited meeting compliance or regulatory requirements. Using shift-left practices ranks last on the list, with only 22 percent of respondents rating it as extremely important. Although 53 percent of respondents say they focus on filling gaps during development and 59 percent look for API issues during testing, 94 percent have experienced API security incidents, indicating a need for increased runtime protection. This article continues to discuss key findings from Salt Security's report on API security trends. 

BetaNews reports "94 Percent of Companies Have Had Security Incidents with Production APIs"

Submitted by Anonymous on