Report: 681% increase in API attacks for customers in 2021

Join online with today’s leading executives at the Data Summit on March 9th. Register here.


A new report from Salt Labs, Salt Security’s research division, found that Salt Security customers experienced a 681% increase in API attack traffic in the past year, while their overall API traffic increased by 321%. This sharp rise in malicious API security calls leads to delayed product rollouts and a lack of trust in API security strategies, which ultimately undermines business innovation.

2021 saw a significant increase in API security developments as organizations continued to change their ways of working and developers created more applications and APIs for the ever-growing services. Attackers also changed their tactics to target the API more frequently. As a result, 95% of the surveys reported API security incidents in the last 12 months.

Despite these security incidents, the average number of APIs used per customer has increased by 221% in the last 12 months, from 42 in December 2020 to 135 in December 2021. With a 321% increase in overall APIs and a 221% increase in API call volume, Salt Security customers are increasingly using their APIs. Twenty-six percent of those surveyed reported using the API at least twice as much as a year ago, and more than three times as much as the 5% API. However, APIs hinder innovation with 62% of applications delayed in production due to security concerns. Organizations face an urgent need to mitigate the risks surrounding the API in order to continue to innovate rapidly and support business growth.

Almost every company is looking for security issues in their product API.  Weaknesses are the leading challenge, with 39% identifying them in their product API.
Almost every company is looking for security issues in their product API. Weaknesses are the leading challenge, with 39% identifying them in their product API.

Accordingly, preventing API attacks is the # 1 security priority for enterprises surveyed for the third time in a row (42%). The results of this edition of the report also had the opposite effect – API security is universally changing how security teams work for the better. More than a third (34%) reported that Security was collaborating with more Devops, and another 30% cited that Devops sought input from security teams to shape the API guidelines. An additional quarter (25%) of engineers have security engineers embedded with devop teams, leading to real progress towards adopting DevSecOps.

The report is based on a combination of survey results and anonymous data, including responses from more than 250 security, application and DEVOPS executives and professionals, and integrated empirical customer data from the Salt Security API Protection Platform.

Read the full report by Salt Labs.

Venturebeat’s mission Transformative Enterprise is about to become a digital town square for technology decision makers to gain knowledge about technology and transactions. Learn more

Similar Posts

Leave a Reply

Your email address will not be published.