TMCnet News
Salt Security "State of API Security" Report Finds API Attack Traffic has Grown at Triple the Rate of Overall API TrafficPALO ALTO, Calif., July 28, 2021 /PRNewswire/ -- Salt Security, the leading API security company, today released the Salt Labs State of API Security Report, Q3 2021. The latest edition, compiled six months after the company's inaugural report, reveals significant challenges in addressing API security, with all Salt customers experiencing API attacks, security topping the list of API program concerns, and very few respondents feeling confident they can identify and stop API attacks. In the past six months, Salt customer data shows overall API traffic has increased 141% – in the same time period, API attack traffic grew a staggering 348%. The sobering report findings illustrate the security consequences of the rapid growth in API use driven by digital transformation and IT modernization projects. "APIs and the valuable data they access are linchpins of today's data- and application-centric economy. Yet APIs remain one of the most vulnerable elements of any organization's application or software stack," said Roey Eliyahu, co-founder and CEO, Salt Security. "Anecdotally, we know we find critical security vulnerabilities in the APIs of 90% of the prospects we support. This report quantifies those anecdotal findings, highlighting the API security risks companies are living with everyday. As API adoption and traffic has accelerated, so have the security risks. APIs are meant to enable innovation, not stifle it, as we're seeing in this report." Organizations rely on APIs for a broad range of business-critical initiatives. This latest edition of the State of API Security Report found that 61% of survey respondents use APIs for platform or system integrations, 52% use them to drive digital transformation, and 47% use them to standardize or improve the efficiency of application and software development. These critical initiatives are suffering set-backs, however, with 64% of respondents delaying application rollouts as a result of API security concerns. "APIs can be the weakest link in an organization's application security chain, especially since traditional tooling such as WAFs and API gateways can't protect against the API attacks frequently carried out today," said Michael Isbitski, Technical Evangelist, Salt Security. "Several factors – including growing API usage, faster application and software development cycles, and increased hacker targeting – contribute to increasing risk for API-first organizations." Security remains the leading concern in API programs Viewing API security as a "shift left" problem is failing WAFs and API Gateways continue to miss API attackers 62% of organizations have no or just a basic strategy in place for API security Additional findings from the State of API Security Report:
API Security Practices Are Evolving – For the Better When survey respondents were asked about how API security is creating changes in how security professionals do their job, the majority was split with 34% agreeing that security must collaborate more with DevOps teams and 34% noting security engineers are getting embedded within DevOps teams. The State of API Security Report, Q3 2021, was compiled by researchers from Salt Labs, the research division of Salt Security, utilizing survey data from more than 200 security, application and DevOps professionals as well as anonymized and aggregated empirical data from Salt Security customers obtained through the Salt Security API Protection Platform. To learn more about Salt Security or to request a demo, please visit https://content.salt.security/demo.html About Salt Security Press Contacts Salt Security View original content to download multimedia:https://www.prnewswire.com/news-releases/salt-security-state-of-api-security-report-finds-api-attack-traffic-has-grown-at-triple-the-rate-of-overall-api-traffic-301342938.html SOURCE Salt Security |