PRESS RELEASE
SAN FRANCISCO–(BUSINESS WIRE)–Wallarm, the chief in real-time blocking of API assaults, on Dec. 17 unveiled a complete safety analysis report based mostly on knowledge collected from the world’s first globally distributed API honeypot community. The findings reveal essential insights into the rising risk panorama for APIs, showcasing their growing vulnerability to fast discovery and exploitation.
APIs have surpassed internet purposes as the first targets of attackers, underscoring the urgency for companies to implement sturdy API safety measures. Organizations are suffering from uncontrolled API sprawl and lack of API governance, resulting in important breaches from uncovered APIs. Wallarm’s examine highlights a number of alarming traits that demand instant consideration from organizations deploying APIs.
Key Findings from the Report:
-
APIs Are the Prime Goal: APIs now entice extra assaults than conventional internet purposes.
-
Speedy Discovery: Newly deployed APIs are found by attackers in as little as 29 seconds.
-
Instant Exploitation: Unprotected APIs are exploited inside one minute of discovery.
-
Excessive Velocity Knowledge Theft: Attackers utilizing batched API requests can exfiltrate tens of millions of person data in seconds.
-
Focusing on Effectively-Identified Merchandise: Recognizable and broadly used API merchandise face heightened concentrating on by attackers.
Wallarm’s globally distributed honeypot, spanning 14 areas, captures knowledge from various geographies and suppliers, revealing essential traits. The honeypot supplies focused responses to API requests throughout a number of protocols, together with REST, XML-RPC, GraphQL, and others. Over half (54%) of noticed request sorts have been API-specific, demonstrating that APIs are the popular vector for attackers. Amongst these, 40% of requests focused identified vulnerabilities (CVEs). Whereas port 80 emerged as essentially the most generally found entry level, interactions have been distributed throughout many ports, demonstrating that defending solely widespread ports is inadequate.
“This report sheds gentle on a quickly evolving assault floor and represents a groundbreaking effort in API safety analysis,” stated Ivan Novikov, CEO and founder at Wallarm. “APIs are the muse of recent purposes, however their widespread deployment and insufficient safety make them a pretty goal for attackers. We hope this analysis helps organizations spend money on robust safety for his or her APIs.”
Wallarm’s full report presents actionable insights and proposals to safeguard APIs. To entry the complete analysis report and be taught extra about securing your APIs, go to http://www.wallarm.com/sources/api-honeypot-report.