Research by Salt Security suggests substantial increase in API attacks in last 12 months

|
Categories Digital Infrastructure News
Research by Salt Security suggests substantial increase in API attacks in last 12 months

Edge computing architecture aims to be open and programmable. Application programming interfaces (APIs) are part of that infrastructure and, as such, their security is paramount when considering larger edge applications.

Now, new data from API security firm Salt suggests global attacks against API-based infrastructures have increased by 681% over the last 12 months, hampering innovation for two-thirds of the surveyed organizations.

According to Salt, the figures are an indicator of the fact that reliance on traditional security and API management tools like web application firewalls (WAFs) and API gateways has left many organizations with a false sense of security.

In fact, 95% of respondents said they had experienced an API security incident in the last year, of which 55% were relying on alerts from gateways and 37% were using WAFs to identify attackers shows the gap in capabilities.

“APIs present an attractive attack vector, despite organizations’ best efforts to validate APIs before releasing them into production,” explained Michael Isbitski from Salt.

“Given the inability of traditional security and API management platforms to protect against sophisticated attacks that target the unique business logic of APIs, it’s no surprise that attackers continue to be successful, keeping enterprises at risk,” he noted

The research also sheds some light on the top concerns about API strategies, most of which are security-related.

In this regard, 22% of respondents mentioned insufficient investment in pre-production security as their top concern, followed by 18% saying they were concerned that the program doesn’t adequately address runtime or production security.

When asked about the capabilities of API security platforms, almost half of them (42%) cited stopping API attacks as the most important. A substantial 41% also highlighted the identification of which APIs expose personal identifiable information (PII) and sensitive data.

“We’re seeing API attacks accelerating significantly year over year. Even more concerning, the pace of growth in API usage and attacks continues to outpace enterprise readiness and defenses,” said Salt CEO Roey Eliyahu.

“Organizations must invest the time and effort to understand the API attack landscape and the critical capabilities needed to protect their most vital assets.”

One of the companies specializing in APIs for edge applications is Ericsson, which recently released its Edge Exposure Server platform.

Previous Article:

Article Topics

 |   |   |   |   |   |   |   | 

Comments

Leave a Reply

This site uses Akismet to reduce spam. Learn how your comment data is processed.

Sponsored Links

Avassa: Empowers companies to bridge the gap between modern containerized applications development and operations and distributed edge infrastructure. https://avassa.io/

DataBank: We believe there is a different edge to be served - the “middle edge" - that will become the first step for many in their journey to the edge. https://www.databank.com/

Latitude.sh: Where the power of bare metal meets the flexibility of the cloud. Deploy physical servers across 23 global locations in as little as 5 seconds. https://www.latitude.sh/

Zenlayer: A massively distributed edge cloud service provider operating over 270 PoPs around the world, with expertise in fast-growing emerging markets. https://www.zenlayer.com/

OnLogic: A global industrial PC manufacturer and solution provider focused on hardware for IoT and edge AI, OnLogic designs highly-configurable computers engineered for reliability. https://www.onlogic.com/

Featured Company

Learn More

Latest News