Automated attacks against APIs continue to skyrocket with threat actors using tried and true techniques to find and exploit shadow APIs while at the same time, applying new tactics, techniques, and procedures (TTPs) that closely mimic user behavior to evade detection. The Cequence CQ Prime Threat Research team analyzed nearly 1 trillion API transactions from the second half of 2022, uncovering trends such as:
Shadow API abuse skyrockets 900% - highlighting a lack of API visibility
DOS Attacks:How sophisticated threat entropy validates the new OWASP API Top 10 and API8:2023, protection from automated threat category
How automated threat TTPs are evolving to be a combination of web application and API security tactics
And much, much more…
Download the report to learn the importance of having a complete understanding of how correctly coded APIs and those with errors can be attacked. Armed with this understanding security and developers can make great strides towards complete API lifecycle protection.