Successfully reported this slideshow.
We use your LinkedIn profile and activity data to personalize ads and to show you more relevant ads. You can change your ad preferences anytime.

API Security Survey

1,871 views

Published on

One Poll survey of 250 IT professionals on the state of application programming interface (API) security, which highlights growing concern for cybersecurity risk related to API use.

Published in: Technology
  • Be the first to comment

API Security Survey

  1. 1. API Security Survey A survey of 250 IT managers and security professionals S U R V E Y The survey was conducted in November 2017 by OnePoll for Imperva, Inc. with respondents from companies with at least 250 employees, and/or $1 million in revenue in the US.
  2. 2. Due to increased usage, APIs have become a new attack vector for cybercriminals and make applications and databases vulnerable to web application attacks.
  3. 3. Yes 68.8% No 24.4%Don’t know 6.8% Are you exposing APIs to your partners and the public?
  4. 4. How many public facing APIs exist in your organization? 0 1-10 11-50 51-100 101-200 201-300 3.2% 301-400 401-500 501-750 751-1000 1001+ Don’t know 5.6% 8.8% 8.8% 10.4% 8% 10.8% 12.4% 8% 8% 7.2% 8.8% Number of APIs
  5. 5. When thinking about securing your APIs, what is your main concern? Bots and DDoS attacks Authentication enforcement Need to profile APIs Inspection of API content to detect attacks Other concern Not applicable / No concerns 39.2% 24.4% 13.6% 14.8% 0.4% 7.6%
  6. 6. Yes 80% 12% No 8% Not applicable / Don't Know Are you using an API gateway to manage public facing APIs? ?
  7. 7. Yes 80%14.8% No 5.2% Not applicable / Don't Know Are you using a public cloud service to manage and secure APIs? ? X
  8. 8. 76.4%63.2% Web Application Firewall API GatewayNo security How are you securing your APIs? Network FirewallNot applicable / I don't know Runtime Application Self Protection 44.8% 5.6% 63.2%0.8%
  9. 9. 1.21%78.23% 10.89% DevOpsIT Security team App Developers Who typically oversees the security of your APIs? 6.05% DevSecOps Someone else Not applicable / I don't know 0.4% ? 3.2%
  10. 10. 8.4% 76.4% 15.2% No Yes Not applicable / Don't Know Does your company treat API security differently than web security?
  11. 11. Are DevOps part of your application development? Can you see security (DevSecOps) in the future of application development? Yes 92.4% No 4.4% I'm not sure 3.2% Yes 89.6% No 8% Not applicable / Don't Know 2.4% ? ?
  12. 12. APIs represent a mushrooming security risk because they expose multiple avenues for hackers to try to access a company’s data. To close the door on security risks and protect their customers, companies need to treat APIs with the same level of protection that they provide for their business-critical web applications.” — Terry Ray, Imperva CTO “
  13. 13. LEARN MORE Six Ways to Secure APIs
  14. 14. Imperva is a leading provider of cyber security solutions that protect business-critical data and applications.

×