API Attacks Soar Amid the Growing Application Surface Area

With Web application programming interface (API) traffic growing quickly, the average cloud-focused company sees three times more attacks.

Driven by the popularity of agile development, the usage of Web application programming interfaces (APIs) has increased dramatically, leaving software-focused companies with larger, and more vulnerable, attack surfaces that can be exploited by threat actors.

Overall, API usage has soared in the past year, tripling to about 15,600 APIs per company, with traffic quadrupling to 820 million requests per year for the average firm, according to two recent reports. And where the application developers go, attackers follow: Over the past year, malicious API traffic has surged by almost a factor of seven, according to the “State of API Security” report published in March by Salt Security, an API security firm.

Between changes in how software is developed and the growing number of vulnerabilities in third-party software components that can be reached through APIs, attackers will increasingly target these easy-to-use interfaces, says Elad Koren, chief product officer for Salt Security.

“Attacks are growing because the attack surface is growing,” he says. “But it’s not just that. It’s also issues like Spring4Shell and Log4j — all those new vulnerabilities are part of this new attack surface — and they [threat actors] are targeting all of these vulnerable surfaces.”

The trends are the latest challenge for application security. Development teams continue to move quickly, usually not fully documenting the APIs created to link different application components in the cloud or over the network. The result is that companies do not know the extent of their API inventory and whether those application interfaces are secure, says Sandy Carielli, a principal analyst with Forrester Research.
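The inventory gap Carielli describes is something a security team can check mechanically: the endpoints a service actually answers show up in its access logs, and they can be diffed against the OpenAPI inventory the developers did document. The script below is an added example written for this page, not code from the article or from any of the vendors it quotes; the OpenAPI-style inventory, the log lines and the client addresses in it are all constructed. It flags "shadow" paths that match no documented template and documented paths being called with an undocumented method (a DELETE on a resource the spec only allows GET and PUT for).

```python
"""Shadow-API check: diff the endpoints seen in access logs against the
documented API inventory. Added example; spec and log lines are constructed."""
import re
from collections import Counter

# Constructed OpenAPI-style inventory: templated path -> documented methods.
DOCUMENTED_SPEC = {
    "paths": {
        "/api/v1/users/{id}": ["GET", "PUT"],
        "/api/v1/orders": ["GET", "POST"],
        "/api/v1/orders/{orderId}": ["GET"],
    }
}

# Constructed nginx-style access log lines (addresses and times are made up).
SAMPLE_LOG = """\
10.0.0.5 - - [01/Apr/2022:10:00:01 +0000] "GET /api/v1/users/42 HTTP/1.1" 200 512
10.0.0.5 - - [01/Apr/2022:10:00:02 +0000] "POST /api/v1/orders HTTP/1.1" 201 88
10.0.0.9 - - [01/Apr/2022:10:00:03 +0000] "GET /api/v1/users/42/export HTTP/1.1" 200 90112
10.0.0.9 - - [01/Apr/2022:10:00:04 +0000] "DELETE /api/v1/users/42 HTTP/1.1" 204 0
10.0.0.9 - - [01/Apr/2022:10:00:05 +0000] "GET /api/v0/admin/dump HTTP/1.1" 200 4096
10.0.0.7 - - [01/Apr/2022:10:00:06 +0000] "GET /api/v1/orders/7?expand=items HTTP/1.1" 200 300
"""

# Pull method, request path (including any query string) and status from a line.
LOG_RE = re.compile(r'"(?P<method>[A-Z]+) (?P<path>\S+) HTTP/[\d.]+" (?P<status>\d{3})')


def compile_spec(spec):
    """Turn each templated path into an anchored regex: {id} -> one path segment."""
    compiled = []
    for path, methods in spec["paths"].items():
        parts = []
        for seg in path.split("/"):
            if seg.startswith("{") and seg.endswith("}"):
                parts.append(r"[^/]+")       # path parameter: any single segment
            else:
                parts.append(re.escape(seg))  # literal segment
        regex = re.compile("^" + "/".join(parts) + "$")
        compiled.append((path, set(methods), regex))
    return compiled


def classify(method, path, compiled):
    """Return (kind, key): 'documented', 'undocumented-method' or 'shadow'."""
    path = path.split("?", 1)[0]  # the query string is not part of the route
    for template, methods, regex in compiled:
        if regex.match(path):
            kind = "documented" if method in methods else "undocumented-method"
            return kind, template
    return "shadow", path


def find_shadow_apis(log_text, spec):
    """Count every (kind, method, route) seen in the log that the spec does not cover."""
    compiled = compile_spec(spec)
    findings = Counter()
    for line in log_text.splitlines():
        m = LOG_RE.search(line)
        if not m:
            continue  # not a request line we understand; skip rather than guess
        kind, key = classify(m["method"], m["path"], compiled)
        if kind != "documented":
            findings[(kind, m["method"], key)] += 1
    return findings


if __name__ == "__main__":
    for (kind, method, route), n in sorted(find_shadow_apis(SAMPLE_LOG, DOCUMENTED_SPEC).items()):
        print(f"{kind:20} {method:7} {route}  ({n} request(s))")
```

Run against real logs, the useful output is the shadow list sorted by request volume: an undocumented route that serves hundreds of requests a day is a production API nobody is reviewing, and a documented route accepting a method the spec never listed is usually a handler the framework exposed by default. The check is only as good as the log's coverage, so it belongs on every gateway and ingress, not just the one the team remembers to document.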

No wonder, then, that API security has become a top-five briefing topic for the business analyst firm, she says.

“The growing [malicious traffic] certainly doesn’t surprise me,” she says. “As more organizations move to use APIs, a higher percentage of application traffic is through APIs, so naturally you are going to see more malicious traffic going through that channel.”

Taming the API Attack Surface
Much of the impetus behind growing API inventory and traffic is the shift to cloud-native and agile development methodologies. A typical application development sprint is two to three weeks, so a development team has dozens of opportunities each year to introduce API misconfigurations and vulnerabilities into a service or application, says Oz Golan, CEO and co-founder at Noname Security, an API security firm. Read more: https://bit.ly/3MxLjjl
