API Attack Surface: How to secure it and why it matters
Discription

Managing an organization’s attack surface is a complex problem involving asset discovery, vulnerability analysis, and continuous monitoring. There are multiple well-defined solutions to secure the attack surface, such as extended detection and response (EDR or XDR), security information & event management (SIEM), and security orchestration, automation & response (SOAR); despite that, these tools often do not prioritize APIs. At the same time, today APIs are indispensable for integrating various software systems; however, this integration broadens the attack surface, making APIs primary targets for cybercriminals. 30% Increase in API vulnerabilities among CVEs in 2023 According to the Wallarm API ThreatStats™ Reports from 2022 to 2023, API vulnerabilities experienced a substantial 30% increase, rising from 650 to 846 instances. This growth reflects the expanding landscape of API security challenges, even as the total number of Common Vulnerabilities and Exposures (CVEs) saw a marginal rise from 24,454 to 24,559. More significantly, the share of API vulnerabilities within the entire CVE spectrum surged from 2.66% to 3.44%. This notable increase underscores the expanding focus on API security, highlighting it as a crucial and growing concern within the cybersecurity field. In other words, each 29th CVE was API-related in 2023, to compare with each 37th CVE in 2022. **Market Observations ** API discovery involves cataloging all internal and third-party APIs within an…Read More

Back to Main

Subscribe for the latest news: