The 2022 API Security Trends Report
451 Research asked participants about their API landscape, API security tools, maturity level of API security within the organization, and more. In this API security trends report, we dive into the key findings.
Companies rely on tens of thousands of APIs. For the enterprises participating in this study, the average number of APIs in use is 15,564. Large enterprises, those with more than 10,000 employees, have an even greater dependency, with an average of 25,592 APIs in place.
is the average number of APIs an organization has in place today
Large enterprises have
an average of
API SECURITY INCIDENTS
Many API security incidents will go undisclosed unless a data breach occurs requiring consumer notifications, or there is a coordinated disclosure of API security vulnerabilities with a security researcher. Practitioners were asked whether their organizations had experienced a security incident related to an API in the past year.
41% of organizations had an API security incident in the last 12 months.
63% of those noted that the incident involved a data breach or data loss.
TOP API SECURITY ISSUES
Respondents’ top-cited API security problems in the past 12 months include poor API logging practices; problems in API authentication, including lack of authentication in APIs that should require it; and API misconfigurations.
THE IMPACT ON DEVELOPMENT PROJECTS
Just over a third (35%) of survey respondents said projects were specifically delayed due to API security concerns. 87% of those believe more effective integration of API security testing (AST) into developer pipeline activities could have prevented those delays.
believe a more effective integration of API security testing into developer pipeline activities could have prevented project delays.