Multiple API security threats are on the rise, and companies must take a holistic approach to protect their data and operations.
A recent State of Web Security report has found that attacks on API services are up from this same time last year. Cloud providers and their customers will need to stay up to date on the methodology and risk of these attacks. The report’s source, CDNetworks, believes that companies can no longer rely on tools that focus on single security threats.
API attacks join Distributed Denial of Service (DDoS), bot, and web application attacks. The increase was noted during H1 of 2022. API attacks experienced a 168.80% increase over the same period in 2021. This is alarming news as more businesses shift their operations to the cloud. The organization strongly recommends that companies shift to a multi-threat view to combat increasingly more complex attacks.
Rule-based web protections are common, but these can have critical weaknesses in today’s hybrid environments. CDNetworks recommends a zero-trust architecture that considers remote workers, bring your own device office officer models post-pandemic, and cloud/hybrid operations.
API security must match shifting governance policies
The security landscape continues to shift and change, prompting companies to alter their expectations of what it means to be secure. Surveys such as this one help us understand what’s changing with our technology and businesses.
API management capabilities help close those gaps. Their needs exceed traditional web security and will only continue to evolve as cyber threats do. It could be part of a systemic and comprehensive security architecture designed to address new and future needs.
The report is clear: Multiple security threats are on the rise, and companies must take a holistic approach to protect their data and operations. It’s a complex issue that requires a clear and precise plan.
Additional RTInsights articles on APIs: