

A new report out today from application programming interface security startup Cequence Security Inc. finds massive increases in threats and the targeting of “shadow” APIs in the last half of 2022.
Based on the analysis of about 1 trillion transactions spanning various industries over the second half of 2022, the report focuses on the tactics, techniques and procedures employed by threat actors targeting consumer-facing, business-to-business and machine-to-machine APIs.
The headline findings include shadow APIs spiking 900%, highlighting a lack of API visibility. Shadow APIs live outside the typical information technology management and security processes. They’re often undocumented, creating security and governance risks.
In the second half of 2022, Cequence measured about 45 billion search attempts for shadow APIs, up from a far more modest 5 billion attempts made in the first half of 2022. Some 68% of organizations analyzed were also found to have exposed shadow APIs.
There was also a considerable uptick in unique threats in the lead-up to the holiday season. Consequence saw a 550% increase in unique threats, rising from about 2,000 in June to 11,000 by mid-November 2022.
Attackers were found increasingly to combine API and web application security tactics. From June 2022 to October 2022, attackers favored traditional application security tactics, but as the holidays approached, there was a 220% surge in API security tactics such as anomalous traffic.
One standout sector being targeted was the telecom industry. The researchers noted that most retool attempts in the telecom industry were entirely new tactics, techniques and procedures, showing that threat tactics are diverse, sophisticated and persistent.
The report is said to demonstrate that the API threat landscape is constantly evolving and organizations need to be vigilant in protecting their APIs and web applications from automated threats, or bots, and vulnerability exploits. Attackers are becoming more sophisticated and API-specific in their tactics, and traditional protection techniques continue to provide an ineffective defense.
“Our research is vital in providing organizations with the necessary tools and knowledge to mitigate attacks in real-time,” Cequence Chief Executive Ameya Talwalker said before the report’s release. “By staying ahead of the curve and understanding the latest attack methods and tools, organizations can achieve complete API visibility and build the awareness and confidence needed to protect their APIs from even the most sophisticated attacks.”
Support our open free content by sharing and engaging with our content and community.
Where Technology Leaders Connect, Share Intelligence & Create Opportunities
SiliconANGLE Media is a recognized leader in digital media innovation serving innovative audiences and brands, bringing together cutting-edge technology, influential content, strategic insights and real-time audience engagement. As the parent company of SiliconANGLE, theCUBE Network, theCUBE Research, CUBE365, theCUBE AI and theCUBE SuperStudios — such as those established in Silicon Valley and the New York Stock Exchange (NYSE) — SiliconANGLE Media operates at the intersection of media, technology, and AI. .
Founded by tech visionaries John Furrier and Dave Vellante, SiliconANGLE Media has built a powerful ecosystem of industry-leading digital media brands, with a reach of 15+ million elite tech professionals. The company’s new, proprietary theCUBE AI Video cloud is breaking ground in audience interaction, leveraging theCUBEai.com neural network to help technology companies make data-driven decisions and stay at the forefront of industry conversations.