Large-Scale API Security Risks Fuel Growth in Cybersecurity Industry

BOULDER, Colo., Oct. 24, 2022 /PRNewswire/ — Application Programming Interfaces (APIs) present a significant security threat to enterprise data and this niche has become one of the fastest-growing segments of the cybersecurity industry, according to industry analyst and researcher Richard Stiennon. In the webinar Latest Trends in API Security and Learn How to Stay Ahead of Attackers, held October 20, 2022, Stiennon and API security expert and founder of Resurface Labs, Rob Dickinson, discussed the numerous vulnerabilities that exist with APIs and how companies can update their security strategy and tactics to effectively respond to API-based attacks.

APIs present an inherent security risk due to their architecture, and because of the limited visibility organizations have on the number and types of APIs in both their internal systems as well as their publicly facing applications. Security attacks using APIs are increasing, and the industry is responding in kind. 

“Vulnerabilities in data sharing between applications are readily becoming more apparent as the use of APIs continues to proliferate,” states Stiennon. “As enterprise security teams move to target this specific threat to their data, the API security sector continues to see dramatic increases in both revenue and number of product offerings.” As part of the discussion, Stiennon presented findings from his third-quarter report on the direction of the API security industry.

The webinar also provided specifics on how APIs are being exploited and practical solutions on how to mitigate this exposure.

The design of APIs requires that companies look outside conventional security measures.

According to Dickinson. “To safeguard data, companies need to look beyond traditional perimeter tools. APIs generate phenomenal amounts of traffic, and the API economy is showing no indication of slowing. To protect against the exploitation of rapidly proliferating API vulnerabilities, companies must improve their visibility, detection, and response to API-based attacks. Beyond traditional perimeter-based security approaches, organizations must be able to detect malicious API activity generated by attackers masquerading as paid, authenticated users. This is a critical risk for organizations in the new API-centric world of doing business.”

Individuals interested in accessing the full webinar can find it on Resurface Labs website or using the following link:

About Resurface Labs

Mapped to OWASP Top10, Resurface alerts on threats with complete data security patterns and behaviors. Resurface operates at runtime and is the only API security solution engineered for deep inspection at scale. Efficiently handling millions of API calls, Resurface detects and alerts on active attacks with complete datasets. Resurface Labs Inc is headquartered in Boulder, Colorado.

About IT-Harvest

Richard Stiennon is Chief Research Analyst for IT-Harvest, the firm he founded in 2005 to currently cover the 2,850 vendors that make up the IT security industry. He has presented on the topic of cybersecurity in 31 countries on six continents. He published Curmudgeon: How to Succeed as an Industry Analyst in 2020. In 2019 he published Secure Cloud Transformation: The CIO’s Journey. He also wrote Surviving Cyberwar (Government Institutes, 2010) and Washington Post bestseller, There Will Be Cyberwar. He is a member of the advisory board at several technology startups and sits on the boards of Anitian and QuickHeal. Stiennon was Chief Strategy Officer for Blancco Technology Group, the Chief Marketing Officer for Fortinet, Inc., and VP Threat Research at Webroot Software. Prior to these positions, he was a Research VP at Gartner. He has a BS in Aerospace Engineering and an MA in War in the Modern World from King’s College, London. Follow @cyberwar on Twitter.

Media Contact: Pat Clawson, 720-804-0324,

SOURCE Resurface Labs