Google: With Cloud Comes APIs & Security Headaches

Web application programming interfaces (APIs) are the glue that holds together cloud applications and infrastructure, but these endpoints are increasingly under attack, with half of companies acknowledging an API-related security incident in the past 12 months.

According to a survey conducted by Google Cloud, the most troublesome security problems affecting companies’ use of APIs are security misconfigurations, outdated APIs and components, and spam or abuse bots — with 40% of companies suffering an incident due to misconfiguration and a third coping with the latter two issues. 

Two-thirds of companies (67%) found API-related security issues and vulnerabilities during the testing phase, but most companies — greater than 60% — discovered issues during the software development process, during application deployment, and by using real-time monitoring, according to the survey of more than 500 technology leaders.

Despite these issues, more than three-quarters (77%) have confidence that they will catch issues, saying they have the required API tools and solutions, says Vikas Anand, head of product for business application platforms at Google Cloud.

“There’s a perception of confidence with existing tooling that isn’t matched by evidence,” Anand says. “The landscape for security has changed — with the dramatic growth in API volume, APIs are the new battleground for application security.”

The interest in Web APIs comes as companies have accelerated their digital transformations over the past two years following the business disruptions caused by the coronavirus pandemic. Nearly all (93%) of companies surveyed by Google in a second study of 770 technology leaders

Read more

Explore the site

More from the blog

Latest News