Security concerns increase as API usage grows over 200%

As API use grows over 200%, there are growing security concerns from developers and enterprise users

As digital transformation continues to increase, web application programme interfaces (APIs) have experienced huge rates of growth as the rise of integrated web and mobile-based offerings requires more data sharing across products.

With dependency on APIs increasing, so does its related security challenges. 451 Research has released the 2022 API Security Trends Report sponsored by API security company, Noname Security, covering the key characteristics and security risks present in API usage today and how a holistic approach to API security provides a gateway to a frictionless user experience.

Noname Security works with 20% of the Fortune 500 and covers the entire API security scope across three pillars — Posture Management, Runtime Security, and API Security Testing. 

An ever-increasing threat landscape

Conducted in January 2022, the survey includes results from IT experts representing over 350 global companies in diverse industries with 3,000+ full-time employees.

The increase in the usage and dependence on APIs in modern application architectures is the key factor in the increased attention on API vulnerabilities among bad actors as well as security researchers. 

For the enterprises participating in this study, the average number of APIs in use is 15,564. Large enterprises, those with more than 10,000 employees, have an even greater dependency, with an average of 25,592 APIs in place. Organisations with in-house application development capability also come in above the study average, with an average of 17,998 APIs in use. The rate of change is notable as well: respondents noted that the number of APIs in use has grown an average of 201% over the past 12 months. 

Growing need to check API security 

90% of respondents noted that their organisations have API authentication policies in place, but 31% expressed shaky confidence that those policies ensured adequate levels of authentication.

41% of the organisations represented by survey respondents had an API security incident in the last 12 months; 63% of those noted that the incident involved a data breach or data loss. Just over a third (35%) of survey respondents said projects were specifically delayed due to API security concerns; 87% of those believe more effective integration of API security testing (AST) into developer pipeline activities could have prevented those delays.

Only 51% of respondents have full confidence in their API inventories; 26% reported that their inventory update processes are manual.

“With API usage continuing to grow, this extreme level of use and dependency has enabled many vulnerabilities to rise to the surface, making securing these APIs across sectors more paramount than ever,” said Daniel Kennedy, Principal Research Analyst for Information Security for the Voice of the Enterprise (VotE) quantitative research product at 451 Research. “This report should help enterprises of all sizes across various sectors make the informed decisions they need when developing their API security strategy.”



Featured Articles

Tech & AI LIVE: Key Events that are Vital for Cybersecurity

Connecting the world’s technology and AI leaders, Tech & AI LIVE returns in 2024, find out more on what’s to come in 2024

MWC Barcelona 2024: The Future is Connectivity

Discover the latest in global technology and connectivity at MWC Barcelona 2024, where industry giants converge to discuss 5G, AI and more industry trends

AI-Based Phishing Scams Are On The Rise This Valentine’s Day

Research from Egress Threat Intelligence, Avast, Cequence Security & KnowBe4 outlines how AI is being used in dating app phishing scams on Valentine’s Day

Speaker Lineup Announced for Tech Show London 2024

Technology & AI

Darktrace predicts AI deepfakes and cloud vulnerabilities

Cloud Security

Secure 2024: AI’s impact on cybersecurity with Integrity360

Technology & AI