Join us at Tampa Bay API Security Summit 2025!
Join us at Tampa Bay API Security Summit 2025!
Join us at Tampa Bay API Security Summit 2025!
Join us at Tampa Bay API Security Summit 2025!
Join us at Tampa Bay API Security Summit 2025!
Join us at Tampa Bay API Security Summit 2025!
閉じる
プライバシー設定
当社は、ウェブサイトの運営に必要なクッキーおよび類似の技術を使用しています。その他のクッキーは、お客様の同意がある場合にのみ使用されます。「同意」をクリックすると、当社によるクッキーの使用に同意することができます。どのデータが収集され、どのようにパートナーと共有されるかについての詳細は、当社のプライバシーとクッキーに関するポリシーをご覧ください。 クッキーポリシープライバシーポリシー
当社は、クッキーを使用して、お客様のデバイスの特性や特定の個人データ(IPアドレス、ナビゲーションの使用状況、位置情報データ、または一意の識別子)などの情報へのアクセス、分析、保存を行います。お客様のデータの処理にはさまざまな目的があります。アナリティクスクッキーを使用すると、当社のパフォーマンスを分析してお客様により良いオンライン体験を提供したり、キャンペーンの効果を評価したりすることができます。パーソナライゼーションクッキーを使うと、利用状況に応じたオファーやサポートを提供して、当社ウェブサイトをカスタマイズすることができます。最後に、広告クッキーは、ソーシャルメディアやインターネット上でターゲットを絞った広告を配信するためのオーディエンスリストを作成するために、お客様のデータを処理する第三者企業によって設定されます。各ページの下部にあるリンクを使用して、いつでも自由に同意を付与、拒否、または撤回することができます。
ありがとう!提出物が受理されました!
おっと!フォームの送信中に問題が発生しました。

Wallarm Q2 Report Reveals Sharp Rise in API Vulnerabilities & Exploits

July 28, 2022

Compared to Q1, API vulnerabilities rose +268%; impacted more vendors +270% and grew in criticality rating +90%

San Francisco, California Jul 28, 2022 (Issuewire.com)  - APIs are at greater risk today than they were even one quarter ago, according to a new report from Wallarm, a leading API Security vendor. As will be discussed in the upcoming webinar on August 8th, the Q2 2022 API Vulnerability and Exploit Report found that API vulnerabilities were more prevalent (+268%), farther-reaching (+270%), and increasingly critical (90%), which further escalates the risk to today’s API portfolios and the need for API security.

In Q2, Wallarm collected and analyzed 184 API vulnerabilities (an average of 2 per day) compared to just 50 last quarter. Overall, these vulnerabilities impact 111 different vendors (up from 30 in Q1) and 53 percent of them are rated critical or high compared to 28 percent which received that rating in Q1. More than one-third of the vulnerabilities are almost immediately exploited.

Gartner predicts that in 2022, API attacks will become the most-frequent attack vector, causing data breaches for enterprise web applications. Midway through the year, this forecast is proving true.

“As the API market continues its high growth trajectory, so too does the risk associated with them,” says Ivan Novikov, CEO, and co-founder of Wallarm. “Expanding vulnerability management efforts to include APIs requires visibility across the entire API portfolio, assessment and triage of vulnerabilities as they arise, and ensuring mitigations are implemented both in code and at run-time.”

Some of the highlights which will be in the final Q2 API vulnerability report include:

  • API threats grew 3.7x QoQ and already hit the 2 new exploits a day threshold.
  • Critical and High-risk API vulnerabilities have increased dramatically, to 53% of the total.
  • Injections (OWASP A03 / API8) are now the highest risk for APIs, ahead of BOLA by all metrics (number of discovered issues, exploitability and severity).
  • 33% of the reported API vulnerabilities are almost immediately exploited, with PoCs published within a median of 2-½ weeks.

Wallarm continually collects and analyzes published API vulnerabilities and exploits. Researchers dissect the data to look for trends and insights from a variety of perspectives, including software type, vendor, CVSS scores, CWEs, and both OWASP Top-10 (2021) for web apps and OWASP API Security Top-10 (2019). Publicly disclosed exploit POCs are also reviewed to understand if and when the threat has moved from theoretical to actual.

Learn more about the Q2-2022 API Vulnerability Report and download the infographic in this blog post.

Ready to protect your APIs?

Wallarm helps you develop fast and stay secure.