Automated attacks against APIs continue to skyrocket with threat actors using tried and true techniques to find and exploit shadow APIs while at the same time, applying new tactics, techniques, and procedures (TTPs) that closely mimic user behavior to evade detection. The Cequence CQ Prime Threat Research team analyzed nearly 1 trillion API transactions from the second half of 2022, uncovering trends such as:

• Shadow API abuse skyrockets 900% - highlighting a lack of API visibility
• DOS Attacks:How sophisticated threat entropy validates the new OWASP API Top 10 and API8:2023, protection from automated threat category
• How automated threat TTPs are evolving to be a combination of web application and API security tactics
• And much, much more…