API Server Security Leaves a Lot to Be Desired

April 7, 2016

Inconsistencies in API server security may be the cause of future cyber-attacks, even if companies implement their APIs on custom-coded, in-house platforms or via on-demand, commercial offerings.

This is the conclusion of a recent market study carried out among 100 businesses across a variety of industries in North America, Europe, and Asia-Pacific. The representatives of these companies were asked if they used APIs, why they chose to go this route, and how they secured them.

Over half of the respondents (51%) said they deployed their APIs because this allowed external developers to build apps on top of their service, probably the main reason APIs are so popular today.

On the other hand, more companies explain they use APIs to allow partners to interact with their data (67%), to improve employee mobility (62%), and to make their services and apps cloud-compatible (57%).

Procedures and guidelines for addressing API security are needed

Regardless of their reasons, the study reveals that many companies do not know yet how to deal with API platform security concerns. There's a 53-47 percent split between companies who feel API security should be managed by special security teams and those who think that developers (programmers) are the ones who should handle this task.

Read the Article

Previous Article
New Study Demonstrates Lack of Focus on API Security
New Study Demonstrates Lack of Focus on API Security

A new study by Ovum and Distil Networks released today shows that a third of all APIs are designed and impl...

Next Article
Bot traffic on the descent: Will the real GET request please stand up?
Bot traffic on the descent: Will the real GET request please stand up?

New research from Distil Networks has shown that in 2015, overall bot traffic, as compared to human traffic...