Ninety-two percent of 397 organizations noted having one or more application programming interface-related attacks in the past year, with multiple API security incidents reported by 57% of respondents, VentureBeat reports.
API attacks may have been fueled by the continuous changes and updates to APIs, with 75% of organizations implementing daily or weekly API modifications, according to a report from Data Theorem. However, increased spending on API security tools, cloud-native application protection platforms, and integration application security and API security tools are being considered by organizations to address API security risks.
The elevated prevalence of API attacks has not surprised ESG Senior Analyst Melinda Marks.
"Modern development cycles bring faster, more frequent product releases and updates, and the growing number of APIs that change on a daily or weekly basis make it imperative to address the changing attack surface. This rapid rate of change also creates shadow APIs and zombie APIs, which can be hackers' favorite APIs to exploit because organizations often do not know about them," said Marks.
Several new features have been added by DevOps security firm Cycode to its application security posture management platform led by the inclusion of generative artificial intelligence into its Risk Intelligence Graph, reports SiliconAngle.
Incident response firm BreachQuest has been purchased for an undisclosed amount by cyber risk management provider Resilience to facilitate more efficient cyber incident response efforts, SiliconAngle reports.