▾ G11 Media Network: | ChannelCity | ImpresaCity | SecurityOpenLab | Italian Channel Awards | Italian Project Awards | Italian Security Awards | ...
InnovationOpenLab

New Research Reveals Critical Gaps in Web App and API Security as Attack Complexity Grows

#applicationprotection--Fastly, Inc. (NYSE: FSLY), a leader in global edge cloud platforms, in partnership with Informa TechTarget’s Enterprise Strategy Group (ESG), released a new study today revea...

Business Wire

Despite widespread security adoption, organizations struggle to keep pace with rapid API expansion, multi-cloud challenges, and increasingly sophisticated cyberattacks, highlighting the pressing need for consolidated and automated defense solutions.

SAN FRANCISCO: #applicationprotection--Fastly, Inc. (NYSE: FSLY), a leader in global edge cloud platforms, in partnership with Informa TechTarget’s Enterprise Strategy Group (ESG), released a new study today revealing significant challenges for cybersecurity professionals as they combat the rapidly evolving application security landscape. The report, “Balancing Requirements for Application Protection,” based on insights from 383 cybersecurity and IT professionals in North America, underscores the escalating difficulties in securing rapidly expanding web applications and APIs amid growing cyber threats.

With organizations increasingly dependent on applications and APIs to generate revenue, the digital landscape is expanding at an unprecedented rate. On average, the surveyed experts project a 39% increase in the number of web applications and websites within the next two years, rising from an average of 145 to 201 per organization. Furthermore, API usage is expected to surge, with the percentage of respondents anticipating that more than half of their applications will use APIs increasing from 32% to 80% in the same period. As a result, security teams are grappling with agile development cycles and the widespread adoption of cloud infrastructure, making it increasingly challenging to maintain robust defenses.

As application security becomes critical, the risks have also increased. According to the study, 57% of midmarket and enterprise organizations have experienced web application and/or API attacks exploiting lesser-known vulnerabilities in the last 24 months.

Despite 92% of organizations implementing at least one web application firewall (WAF), 67% rely on multiple WAFs from different vendors. This fragmentation is largely due to multi-cloud complexities and feature-specific requirements, signaling a critical need for consolidated, next-generation security solutions capable of covering diverse environments, from cloud to on-premises and hybrid infrastructures.

"The rapid growth of APIs has fundamentally changed application environments and introduced significant security and governance challenges, from misconfigurations to API injection and volumetric DDoS attacks. Yet as organizations have layered multiple WAFs and bot management tools to address these risks, complexity has grown," said John Grady, principal analyst at TechTarget’s Enterprise Strategy Group. "We’ve reached a tipping point where adding different security tools provides diminishing returns. Cybersecurity and IT teams should be looking at ways to simplify operations and improve security by consolidating solutions that offer both automation and specialized protection from a wide range of threats."

The research also highlights a troubling trend: 45% of organizations that experienced a DDoS attack reported it as part of a diversion tactic in a larger, more coordinated assault. Shockingly, 70% of these diversions succeeded, resulting in significant operational disruptions and data loss. As attackers continue to innovate, organizations are increasingly turning toward automated solutions to counter these evolving threats. However, concerns remain—59% of IT professionals believe that cyber adversaries have the upper hand in leveraging AI for attacks.

"Speed is critical in application security, and automated attacks demand equally fast automated defenses to ensure privacy and security regulations are met and user information is protected," said Fernando Medrano, Deputy Chief Information Security Officer at Fastly. "As web applications and APIs continue to grow in prominence, organizations need to consider integrating security into the product development process early on rather than treat it as an afterthought."

To access the full report and explore how businesses are consolidating tools and shifting spending in response to high-profile cybersecurity incidents, click here. For additional insights from Fastly about the report findings and strategies for strengthening security, visit our blog.

About the Research

ESG surveyed 383 cybersecurity and IT professionals involved in securing their organizations' web applications in both midmarket and enterprise organizations across the United States and Canada. The interviews were conducted via an online survey between Nov. 1 and Nov. 14, 2024.

About Fastly, Inc.

Fastly’s powerful and programmable edge cloud platform helps the world’s top brands deliver online experiences that are fast, safe, and engaging through edge compute, delivery, security, and observability offerings that improve site performance, enhance security, and empower innovation at global scale. Compared to other providers, Fastly’s powerful, high-performance, and modern platform architecture empowers developers to deliver secure websites and apps with rapid time-to-market and demonstrated, industry-leading cost savings. Organizations around the world trust Fastly to help them upgrade the internet experience, including Reddit, Neiman Marcus, Universal Music Group, and SeatGeek. Learn more about Fastly at https://www.fastly.com, and follow us @fastly.

Source: Fastly, Inc.

Fonte: Business Wire

If you liked this article and want to stay up to date with news from InnovationOpenLab.com subscribe to ours Free newsletter.

Related news

Last News

RSA at Cybertech Europe 2024

Alaa Abdul Nabi, Vice President, Sales International at RSA presents the innovations the vendor brings to Cybertech as part of a passwordless vision for…

Italian Security Awards 2024: G11 Media honours the best of Italian cybersecurity

G11 Media's SecurityOpenLab magazine rewards excellence in cybersecurity: the best vendors based on user votes

How Austria is making its AI ecosystem grow

Always keeping an European perspective, Austria has developed a thriving AI ecosystem that now can attract talents and companies from other countries

Sparkle and Telsy test Quantum Key Distribution in practice

Successfully completing a Proof of Concept implementation in Athens, the two Italian companies prove that QKD can be easily implemented also in pre-existing…

Most read

Synapse ITS Appoints Josh LittleSun as Chief Technology Officer to Drive…

#PressRelease--Synapse ITS (“Synapse”), a leader in transportation safety, is pleased to announce the appointment of Josh LittleSun as its new Chief Technology…

Rocket Lab Launches Next Batch of Satellites for Kinéis Constellation

$RKLB--Rocket Lab USA, Inc. (Nasdaq: RKLB) (“Rocket Lab” or “the Company”), a global leader in launch services and space systems, today successfully launched…

ADTRAN Holdings, Inc. to release fourth quarter 2024 financial results…

#Adtran--ADTRAN Holdings, Inc. (NASDAQ: ADTN) announced today that the Company will release its financial results for the fourth quarter 2024 after market…

AO Mainnet Launches, Ushering in a New Era of Decentralized Computing…

AO, a revolutionary platform for decentralized computing, launches its mainnet today following a highly successful testnet phase, with key milestones…

Newsletter signup

Join our mailing list to get weekly updates delivered to your inbox.

Sign me up!