n n n ‘. concat(e. i18n. t(“search. voice. recognition_retry”),’n
Studies reveal that although APIs account for the majority of web traffic, they are still largely insecure.
SAN FRANCISCO, Jan. 9, 2024–(BUSINESS WIRE)–Cloudflare, Inc. (NYSE: NET), the leading cloud connectivity company, today released its first-ever API Security and Governance Report. The effects of this year’s report reveal that APIs, a generation that underpins today’s most used sites and applications, are being leveraged across businesses more than ever, opening the door to more online threats than ever before. The report highlights the gap between organizations’ use of APIs and their capacity to impact knowledge through those APIs.
APIs force the virtual world: Our phones, smartwatches, banking systems, and business sites all rely on APIs to communicate. They can help e-commerce sites accept payments, allow healthcare systems to support the percentage of patient data, and even offer taxis and utilities. providing access to real-time traffic data. Today, almost every single company uses them to create and deliver better sites, apps, and consumers. However, if they are unmanaged or insecure, APIs are a goldmine for malicious actors to potentially exfiltrate. sensitive information.
“APIs are central to how applications and websites work, which makes them a rich, and relatively new, target for hackers,” said Matthew Prince, CEO and co-founder at Cloudflare. “It’s vital that companies identify and protect all their APIs to prevent data breaches and secure their businesses.”
Key findings from Cloudflare’s 2024 API Security and Management Report include:
Even the most unlikely industries enjoy major spikes in API traffic – seamless integrations enabled through APIs have driven organizations across industries to leverage them more and more, some faster than others. IoT, rail, bus & taxi, legal, media & gaming and the logistics and supply chain industries recorded the percentage of API traffic in 2023.
API traffic accounts for the majority of Internet traffic: APIs dominate dynamic Internet traffic around the globe (57%), with each region that Cloudflare protects seeing an increase in usage over the past year. However, the top regions that explosively adopted APIs and witnessed the highest traffic share in 2023 were Africa and Asia.
APIs face an array of frequent and increasing threats: As with any popular business critical function that houses sensitive data, threat actors attempt to exploit any means necessary to gain access. The rise in popularity of APIs has also caused a rise in attack volume, with HTTP Anomaly, Injection attacks and file inclusion being the top three most commonly used attack types mitigated by Cloudflare.
Shadow APIs provide a helpless path for risk actors: organizations fight for what they can’t see. Nearly 31% more REST API endpoints (when an API is connected to software) were discovered through device learning compared to customer-provided credentials. For example, organizations don’t have a full stock of their APIs.
DDoS mitigation solutions are one of the most effective tools to protect APIs: Regardless if an organization has full visibility of all their APIs, DDoS mitigation solutions can help block potential threats. One-third (33%) of all mitigations applied to API threats were blocked by DDoS protections already in place.
“APIs are resilient equipment for developers to create complex, end-to-end programs to serve their customers, partners, and employees; however, each API is a potential attack surface that needs to be protected,” said Melinda Marks, director of the cybersecurity practice for Enterprise. Strategy Group. ” As this new report shows, organizations want more effective tactics to ensure API security, adding greater API visibility, tactics to ensure secure authentication and authorization between connections, and increased tactics to protect their programs from attacks.
Report methodology: The findings in this report, summing the statistics included above, are based on traffic patterns observed across Cloudflare’s global network (adding Cloudflare’s Web Application Firewall, ProtectionArray DDoS bot management, and API gateway services) between October 1, 2022 and August 31. For the quarter ended September 30, 2023, Cloudflare processed more than 50 million HTTP requests per moment on average and blocked an average of 170 billion cyber threats each day.
For more information, check out the resources below:
API Security & Management Report 2024
Blog: Introducing Cloudflare’s 2024 API Security and Management Report
Cloudflare API Security
What is API Security?
About Cloudflare
Cloudflare, Inc. (NYSE: NET) is the leading connectivity cloud company. It empowers organizations to make their employees, applications and networks faster and more secure everywhere, while reducing complexity and cost. Cloudflare’s connectivity cloud delivers the most full-featured, unified platform of cloud-native products and developer tools, so any organization can gain the control they need to work, develop, and accelerate their business.
Powered by one of the world’s largest and most interconnected networks, Cloudflare blocks billions of threats online for its customers every day. It is trusted by millions of organizations – from the largest brands to entrepreneurs and small businesses to nonprofits, humanitarian groups, and governments across the globe.
Learn more about Cloudflare’s connectivity cloud in cloudflare. com/connectivity-cloud. Learn more about the latest trends and facts about https://radar. cloudflare. com.
Follow us: Blog | X | LinkedIn | Facebook | Instagram
Forward-Looking Statements
This press release makes forward-looking statements within the meaning of Section 27A of the Securities Act of 1933, as amended, and Section 21E of the Securities Exchange Act of 1934, as amended, which statements involve significant dangers and uncertainties. In some cases, you can identify forward-looking statements because they involve words such as “possibly”, “may”, “should”, “expect”, “explore”, “plan”, “anticipate”, “may also simply”. “, “intend”, “target”, “project”, “contemplate”, “believe”, “estimate”, “predict”, “potential” or “continue”, or the negative form of those words, or other similar terms or expressions that relate to Cloudflare’s expectations, strategy, plans or intentions. However, not all forward-looking statements involve such identifying words. Forward-looking statements expressed or implied in this press release include, but are not limited to, statements regarding Cloudflare’s expectations, strategy, plans or intentions, products and technology, Cloudflare’s technological development, long-term operations, growth, projects or strategies, long-term market trends and comments made through the CEO of Cloudflare Array’s actual effects may also differ materially from those stated or implied in the forward-looking statements due to a number of factors, including, but not limited to, the risks detailed in Cloudflare’s filings with the Securities and Exchange Commission (SEC). , adding Cloudflare’s Quarterly Report on Form 10. -Q filed on November 2, 2023, as well as other filings that Cloudflare may make from time to time with the SEC.
The forward-looking statements made in this press release speak only as of the date on which the statements were made. Cloudflare undertakes no legal responsibility to update any forward-looking statements made in this press release to reflect occasions or events after the date of this press release or to reflect new data or the occurrence of unanticipated events, unless required by law . Cloudflare may not achieve the plans, intentions or expectations disclosed in Cloudflare’s forward-looking statements, and you deserve not to place undue reliance on Cloudflare’s Forward-Looking Statements.
© 2024 Cloudflare, Inc. All Rights Reserved. Cloudflare, the Cloudflare logo, and other Cloudflare marks are trademarks and/or registered trademarks of Cloudflare, Inc. in the United States and other jurisdictions. All other trademarks and names referenced herein may be trademarks of their respective owners.
See the businesswire. com edition: https://www. businesswire. com/news/home/20240109533109/en/
Contacts
Cloudflare, Inc. Daniella VallurupalliVice President & Chief Communications Officer mondialespress@cloudflare. com